Pinned Repositories
batchql
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
commonspeak2
Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
commonspeak2-wordlists
Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
ghostbuster
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
kiterunner
Contextual Content Discovery Tool
newtowner
Abuse trust-boundaries to bypass firewalls and network controls
nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
surf
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
wordlists
Automated & Manual Wordlists provided by Assetnote
assetnote's Repositories
assetnote/kiterunner
Contextual Content Discovery Tool
assetnote/wordlists
Automated & Manual Wordlists provided by Assetnote
assetnote/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
assetnote/blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
assetnote/commonspeak2
Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
assetnote/surf
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
assetnote/commonspeak2-wordlists
Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
assetnote/batchql
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
assetnote/newtowner
Abuse trust-boundaries to bypass firewalls and network controls
assetnote/ghostbuster
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
assetnote/exploits
Repository to store exploits created by Assetnotes Security Research team
assetnote/hopgoblin
Adobe Experience Manager (AEM) hacking toolkit
assetnote/jira-mobile-ssrf-exploit
Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)
assetnote/h2csmuggler
assetnote/kitebuilder
assetnote/dbmate
:rocket: A lightweight, framework-agnostic database migration tool.
assetnote/rod
A Chrome DevTools Protocol driver for web automation and scraping.
assetnote/rules_python
Experimental Bazel Python Rules
assetnote/squirrel
Fluent SQL generation for golang
assetnote/uptime-kuma
A fancy self-hosted monitoring tool
assetnote/celery-exporter
A Prometheus exporter for Celery metrics
assetnote/cimg-postgres
assetnote/cloudflare-go
Go library for the Cloudflare v4 API
assetnote/crypto
[mirror] Go supplementary cryptography libraries
assetnote/docker-pgbouncer
Minimal PgBouncer image that is easy to configure
assetnote/go-logkeycheck
Ensure zap log field names are consistent
assetnote/pg-repack-docker
Docker image for 'pg_repack' (PostgreSQL extension) to use 'client-side' to run/invoke the actual repack functionality for a PostgreSQL database with the extension installed.
assetnote/pgconn
assetnote/pgx
PostgreSQL driver and toolkit for Go
assetnote/zgrab2
Fast Go Application Scanner