Pinned Repositories
BurpSuite-Team-Extension
This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
BurpSuiteAutoCompletion
This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
BurpSuiteTeamServer
This is the Go Server that relays all HTTP requests and responses between clients.
CloudCopy
This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.
DirectoryImporter
This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
gofingerprint
GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
goRecorder
During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what will be important. To remedy that problem (and also to teach myself go) I built a command line tool that implements the "clip that" functionality of gaming consoles to allow me to save the last minute of screen activity as images to later view.
ParameterMiner
Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, ParameterMiner! Pipe in a list of javascript urls and ParameterMiner pulls all the variable names.
RepeaterSearch
This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response matches a query via simple text matching or Regex.
vhostChecker
VHostChecker takes a csv list of targets in the form of domain,ip,port and runs 4 seperate connection checks to get a quick sense of how the target handles Host Header changes.
Static-Flow's Repositories
Static-Flow/BurpSuite-Team-Extension
This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
Static-Flow/gofingerprint
GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Static-Flow/RepeaterSearch
This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response matches a query via simple text matching or Regex.
Static-Flow/DirectoryImporter
This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
Static-Flow/vhostChecker
VHostChecker takes a csv list of targets in the form of domain,ip,port and runs 4 seperate connection checks to get a quick sense of how the target handles Host Header changes.
Static-Flow/BurpSuiteTeamServer
This is the Go Server that relays all HTTP requests and responses between clients.
Static-Flow/BurpSuiteAutoRepeaterNaming
This extension replaces the default repeater tab name with the URL path of the repeater request.
Static-Flow/BurpGraphQLViewer
This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that groups all requests by "operationName" and for each GraphQL request shows a pretty printed view of the query and the raw Burp Suite Request/Response.
Static-Flow/BOR
BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor with only one click!
Static-Flow/BurpSuiteShareRequests
This Burp Suite extension enables the generation of shareable links to specific requests which other Burp Suite users can import.
Static-Flow/BurpSuiteSaveIntruderTabs
This Burp Suite Extension allows you to save Intruder tabs for a project
Static-Flow/BurpSuiteGuiLibrary
Library for manipulating BurpSuites UI
Static-Flow/UUIDHunter
This Extension provides a Passive and Active Scan Check that detects V1 UUIDs and attempts to find other potentially valid ones.
Static-Flow/CommunityToolRequests
This repository attempts to provide a common place for those in the security space to request tooling and find ideas for tools to build.
Static-Flow/MutliNWriter
This package provides an alternative to io.MultiWriter that enables dynamic addition and removal of io.Writers at run time.
Static-Flow/AdventOfCode2021
Github project for tracking AdventOfCode 2021 Solutions
Static-Flow/Burp-IISTildeEnumerationScanner
Burp extension for exploiting IIS Tilde Enumeration vulnerability
Static-Flow/HackerOneVulnerabilityDrafter
This Burp Suite Extension provides a custom context menu for sending Repeater requests or Scanner findings to HackerOne's vulnerability submission endpoint.
Static-Flow/HeuristicProxy
HeuristicProxy is a reverse proxy that uses inferences about average server endpoint responses to flag potentially harmful responses or data exfil attempts for further review or block them from ever being returned to users.
Static-Flow/infiniMaze
InfiniMaze is an infinite, persistent, procedurally generated, explorable maze! Based off of https://github.com/itchyny/maze but heavily modified to support this use case.
Static-Flow/adventOfCode2023
Advent of Code 2023 Solutions in Golang
Static-Flow/ffuf
Fast web fuzzer written in Go
Static-Flow/gain
Gain is a high-performance io_uring networking framework written entirely in Go.
Static-Flow/go-pretty
Pretty print tables and more in golang!
Static-Flow/go-uring
The `io_uring` library and runtime for GO
Static-Flow/intellij-ghidra
An IntelliJ IDEA plugin for working on Ghidra Extensions.
Static-Flow/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Static-Flow/npk
A mostly-serverless distributed hash cracking platform
Static-Flow/samba-ad-dc
:whale: Docker image of Samba Active Directory Domain Controller
Static-Flow/sharpfuzz
AFL-based fuzz testing for .NET