Doyensec

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security

burpdeveltraining

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

CSPTBurpExtension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

CSPTPlayground

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation

wsrepl

WebSocket REPL for pentesters

doyensec/inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

doyensec/electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

doyensec/regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

doyensec/awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security

doyensec/wsrepl

WebSocket REPL for pentesters

doyensec/Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation

doyensec/CSPTBurpExtension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

doyensec/CSPTPlayground

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

doyensec/PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

doyensec/safeurl

A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.

doyensec/Prototype-Pollution-Gadgets-Finder

doyensec/GQLSpection

GQLSpection - parses GraphQL introspection schema and generates possible queries

doyensec/PoiEx

🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends

doyensec/cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs

doyensec/Unsafe-Unpacking

Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide

doyensec/protoburp

Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages

doyensec/r2pickledec

Pickle decompiler plugin for Radare2

doyensec/db-race-conditions-playground

Database Race Condition Playground. Made with 🧡 by Doyensec LLC.

doyensec/webext_boilerplate

Web extension boilerplate files for web application testers.

doyensec/libajp13

AJPv1.3 Java Library

doyensec/SSHNuke_info

SSH Nuke Info

doyensec/exploitable-IoT-solution

!Exploitable IoT Exploit

doyensec/security-testbeds

doyensec/tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

doyensec/tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

doyensec/ComfyUI-tsunami-payload

doyensec/jekyll-algolia

Add fast and relevant search to your Jekyll site

doyensec/osv-scalibr

doyensec/ruby-unsafe-deserialization

Proof of Concepts for unsafe deserialization in Ruby

doyensec/semgrep-rules

Semgrep rules registry