Jarijaas's Stars
WerWolv/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
lief-project/LIEF
LIEF - Library to Instrument Executable Formats
timvisee/send
:mailbox_with_mail: Simple, private file sharing. Mirror of https://gitlab.com/timvisee/send
scottrogowski/code2flow
Pretty good call graphs for dynamic languages
WithSecureLabs/drozer
The Leading Security Assessment Framework for Android.
noraj/OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Qianlitp/crawlergo
A powerful browser crawler for web vulnerability scanners
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
google/martian
Martian is a library for building custom HTTP/S proxies
joernio/joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
rodrigo-brito/ninjabot
A fast trading bot platform for cryptocurrency in Go (Binance)
ptswarm/reFlutter
Flutter Reverse Engineering Framework
secure-software-engineering/FlowDroid
FlowDroid Static Data Flow Tracker
BishopFox/eyeballer
Convolutional neural network for analyzing pentest screenshots
Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
EFForg/apkeep
moul/http2curl
:triangular_ruler: Convert Golang's http.Request to CURL command line
firefart/stunner
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
MobSF/mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
detectify/page-fetch
Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pages and see the returned values
LloydLabs/delete-self-poc
A way to delete a locked file, or current running executable, on disk.
zoph-io/MAMIP
[MAMIP] Monitor AWS Managed IAM Policies Changes
aapooksman/certmitm
A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.
iosiro/baserunner
A tool for exploring Firebase datastores.
quarkslab/AERoot
AERoot is a command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs.
mandiant/route-sixty-sink
Link sources to sinks in C# applications.
F5-Labs/cryptonice
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.