Pinned Repositories
.NET-Deobfuscator
Lists of .NET Deobfuscator and Unpacker (Open Source)
0x94TR
0x94TR Scanner Burp Suite Extension | Python 2x
230-OOB
An Out-of-Band XXE server for retrieving file contents over FTP.
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
awesome-grep
List of GREP modifications and alternatives for a variety of purposes
BChecks-Collection
BChecks collection for Burp Suite Professional
SWFPFinder
SWFPFinder - SWF Potential Parameters Finder
websocket-harness
Use normal web pentest tools to hack Websockets
affilares's Repositories
affilares/BChecks-Collection
BChecks collection for Burp Suite Professional
affilares/40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
affilares/androguard
Reverse engineering and pentesting for Android applications
affilares/APKHunt
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
affilares/apkurlgrep
Extract endpoints from APK files
affilares/badsecrets
A library for detecting known secrets across many web frameworks
affilares/BChecks
BChecks collection for Burp Suite Professional
affilares/Burp-Non-HTTP-Extension
Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
affilares/clickjackingpoc
A Proof of Concept for Clickjacking Attacks
affilares/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
affilares/cook
The Wordlist Framework
affilares/dalfox
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
affilares/frida-ios-hook
A script that helps you trace classes, functions, and modify the return values of methods
affilares/hw_hacking_cheatsheet
Hardware Hacking Cheatsheet infograph
affilares/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
affilares/iOS_Reverse_Engineering
The iOS IPA file Reverse Engineering reference
affilares/jaeles-signatures
Default signature for Jaeles Scanner
affilares/medusa
Binary instrumentation framework based on FRIDA
affilares/objection
📱 objection - runtime mobile exploration
affilares/OpenRedireX
A Fuzzer for OpenRedirect issues
affilares/page-fetch
Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pages and see the returned values
affilares/proto-find
Let's check if your target is vulnerable for client side prototype pollution.
affilares/pyinstxtractor
PyInstaller Extractor
affilares/recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
affilares/secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
affilares/sj
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
affilares/smugglefuzz
HTTP/2 based downgrade and smuggle scanner
affilares/TPM-Sniffing
A repo for TPM sniffing greatness
affilares/vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
affilares/xamarin-assembly-store-unpack
Python utility for parsing Xamarin AssemblyStore blob files