esmo-ts's Stars
vanhauser-thc/thc-hydra
hydra
Cyfrin/aderyn
Aderyn 🦜 Rust-based Solidity AST analyzer.
crytic/slither
Static Analyzer for Solidity and Vyper
lballabio/QuantLib
The QuantLib C++ library
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
ffuf/ffuf
Fast web fuzzer written in Go
devanshbatham/OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
tomnomnom/qsreplace
Accept URLs on stdin, replace all query string values with a user-supplied value
s0md3v/XSStrike
Most advanced XSS scanner.
pcaversaccio/reentrancy-attacks
A chronological and (hopefully) complete list of reentrancy attacks to date.
projectdiscovery/interactsh
An OOB interaction gathering server and client library
ksharinarayanan/SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
sullo/nikto
Nikto web server scanner
nicholasaleks/CrackQL
CrackQL is a GraphQL password brute-force and fuzzing utility.
dolevf/graphql-cop
Security Auditor Utility for GraphQL APIs
dolevf/nmap-graphql-introspection-nse
NSE Script for GraphQL Introspection Check
assetnote/batchql
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
dolevf/graphw00f
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
doyensec/inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
nikitastupin/clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
dolevf/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
curl/curl
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
owasp-amass/amass
In-depth attack surface mapping and asset discovery
xmendez/wfuzz
Web application fuzzer
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
s0md3v/Arjun
HTTP parameter discovery suite.
assetnote/wordlists
Automated & Manual Wordlists provided by Assetnote
OpenZeppelin/openzeppelin-contracts
OpenZeppelin Contracts is a library for secure smart contract development.