Killer-debug's Stars
github/codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
joernio/joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
visma-prodsec/confused
Tool to check for dependency confusion vulnerabilities in multiple package management systems
projectdiscovery/notify
Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
yeswehack/PwnFox
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
harleo/knockknock
A simple reverse whois lookup tool which returns a list of domains owned by people or companies
PushpenderIndia/subdover
Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3
m4ll0k/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
ianare/exif-samples
Sample images for testing Exif metadata retrieval.
vavkamil/awesome-vulnerable-apps
Awesome Vulnerable Applications
Sh1Yo/x8
Hidden parameters discovery suite
0xZ0F/Z0FCourse_ReverseEngineering
Reverse engineering focusing on x64 Windows.
graphql/graphql-playground
🎮 GraphQL IDE for better development workflows (GraphQL Subscriptions, interactive docs & collaboration)
graphql-kit/graphql-voyager
🛰️ Represent any GraphQL API as an interactive graph
sushiwushi/bug-bounty-dorks
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
dineshshetty/Android-InsecureBankv2
Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
tlamb96/kgb_messenger
An Android CTF practice challenge
lucideus-repo/cybergym
Lucideus CyberGym is the internal CTF event we organise for our security professionals to grow and learn together. Now everyone can access the challenges that can be easily setup and start playing.
Edu4rdSHL/unimap
Scan only once by IP address and reduce scan times with Nmap for large amounts of data.
Cgboal/SonarSearch
A rapid API for the Project Sonar dataset
projectdiscovery/shuffledns
MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
vortexau/dnsvalidator
Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.
HashPals/Name-That-Hash
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
t0thkr1s/frida
Frida scripts for mobile application dynamic-analysis.
MuhammadKhizerJaved/Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
mzfr/slicer
A tool to automate the boring process of APK recon
JakeWharton/pidcat
Colored logcat script which only shows log entries for a specific application package.
BBVA/apicheck
The DevSecOps toolset for REST APIs
silentsignal/rsa_sign2n
Deriving RSA public keys from message-signature pairs