esmo-ts

esmo-ts's Stars

• vanhauser-thc/thc-hydra

  hydra

  Language:C9.6k2k

• Cyfrin/aderyn

  Aderyn 🦜 Rust-based Solidity AST analyzer.

  Language:Rust38253

• crytic/slither

  Static Analyzer for Solidity and Vyper

  Language:Python5.3k965

• lballabio/QuantLib

  The QuantLib C++ library

  Language:C++5.3k1.8k

• lc/gau

  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

  Language:Go3.9k439

• swisskyrepo/SSRFmap

  Automatic SSRF fuzzer and exploitation tool

  Language:Python3k514

• sqlmapproject/sqlmap

  Automatic SQL injection and database takeover tool

  Language:Python32.2k5.7k

• ffuf/ffuf

  Fast web fuzzer written in Go

  Language:Go12.4k1.3k

• devanshbatham/OpenRedireX

  A fuzzer for detecting open redirect vulnerabilities

  Language:Python694130

• tomnomnom/qsreplace

  Accept URLs on stdin, replace all query string values with a user-supplied value

  Language:Go751123

• s0md3v/XSStrike

  Most advanced XSS scanner.

  Language:Python13.2k1.9k

• pcaversaccio/reentrancy-attacks

  A chronological and (hopefully) complete list of reentrancy attacks to date.

  1.3k147

• projectdiscovery/interactsh

  An OOB interaction gathering server and client library

  Language:Go3.3k356

• ksharinarayanan/SSRFire

  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects

  Language:Shell940158

• sullo/nikto

  Nikto web server scanner

  Language:Perl8.4k1.2k

• nicholasaleks/CrackQL

  CrackQL is a GraphQL password brute-force and fuzzing utility.

  Language:Python31131

• dolevf/graphql-cop

  Security Auditor Utility for GraphQL APIs

  Language:Python36052

• dolevf/nmap-graphql-introspection-nse

  NSE Script for GraphQL Introspection Check

  Language:Lua186

• assetnote/batchql

  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

  Language:Python36438

• dolevf/graphw00f

  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

  Language:Python55368

• doyensec/inql

  InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

  Language:Python1.5k156

• nikitastupin/clairvoyance

  Obtain GraphQL API schema even if the introspection is disabled

  Language:Python1k92

• dolevf/Damn-Vulnerable-GraphQL-Application

  Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

  Language:JavaScript1.5k297

• curl/curl

  A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features

  Language:C35.6k6.4k

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go11.9k1.9k

• xmendez/wfuzz

  Web application fuzzer

  Language:Python5.9k1.4k

• OJ/gobuster

  Directory/File, DNS and VHost busting tool written in Go

  Language:Go9.7k1.2k

• s0md3v/Arjun

  HTTP parameter discovery suite.

  Language:Python5.2k791

• assetnote/wordlists

  Automated & Manual Wordlists provided by Assetnote

  Language:CSS1.3k134

• OpenZeppelin/openzeppelin-contracts

  OpenZeppelin Contracts is a library for secure smart contract development.

  Language:JavaScript24.8k11.8k