ikkisoft
I like to experiment with computers, trying to understand how they work and eventually breaking them. At times, I fix things.
@doyensec San Francisco / Warsaw
ikkisoft's Stars
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
ntop/ntopng
Web-based Traffic and Security Network Traffic Monitoring
linkedin/qark
Tool to look for several security related Android application vulnerabilities
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Bubka/2FAuth
A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
cujanovic/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
Escapingbug/awesome-browser-exploit
awesome list of browser exploitation tutorials
ptoomey3/Keychain-Dumper
A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken
globaleaks/globaleaks-whistleblowing-software
GlobaLeaks is a free and open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
Simpsonpt/AppSecEzine
AppSec Ezine Public Repository.
anestisb/vdexExtractor
Tool to decompile & extract Android Dex bytecode from Vdex files
ptoomey3/evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
doyensec/electronegativity
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
muraenateam/muraena
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
ilmila/J2EEScan
J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
andreafioraldi/frida-fuzzer
This experimetal fuzzer is meant to be used for API in-memory fuzzing.
MozillaSecurity/dharma
Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.
mborgerson/mdec
Decompilation as a Service. Explore multiple decompilers and compare their output with minimal effort. Upload binary, get decompilation.
sensepost/mallet
Mallet is an intercepting proxy for arbitrary protocols
sbehrens/sleepy-puppy
Deprecated please use https://github.com/Netflix/sleepy-puppy
gand3lf/semgrepper
An extension to use Semgrep inside Burp Suite.
bonkc/BugBountySubdomains
Tools to gather subdomains from Bug Bounty programs
aljazceru/mattermost-retention
Data retention /cleanup script for mattermost
francescolacerenza/TamperThemAll
A tampered payload generator to Fuzz Web Application Firewalls
irsl/apache-openoffice-rce-via-uno-links
doyensec/electronegativity-action
The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD.