Pinned Repositories
grandstream_exploits
retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
whonow
A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
XSStrike
Most advanced XSS scanner.
jcrashkit's Repositories
jcrashkit/grandstream_exploits
jcrashkit/retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities
jcrashkit/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
jcrashkit/XSStrike
Most advanced XSS scanner.
jcrashkit/Android
A boilerplate project for Android written in Kotlin
jcrashkit/android-oss
Kickstarter for Android. Bring new ideas to life, anywhere.
jcrashkit/awesome-cve-poc
✍️ A curated list of CVE PoCs.
jcrashkit/awesome-wordlists
A curated list wordlists for bruteforcing and fuzzing
jcrashkit/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
jcrashkit/Diggy
Extract endpoints from apk files.
jcrashkit/docker-wordpress-letsencrypt
Wordpress Docker container using SSL Certificates with LetsEncrypt
jcrashkit/dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
jcrashkit/govt-urls
Most government websites end in .gov or .mil, but many do not. This repo contains USA.gov's list of government URLs that don't end in .gov or .mil.
jcrashkit/htmlunit
🕸🧰☕️Tools to Scrape Dynamic Web Content via the 'HtmlUnit' Java Library
jcrashkit/Malware
IoT Security Reading List
jcrashkit/nmap
Nmap - the Network Mapper. Github mirror of official SVN repository.
jcrashkit/NodeJS-Red-Team-Cheat-Sheet
NodeJS Red-Team Cheat Sheet
jcrashkit/nothing-to-see-here
Mostly bash functions for testing sites
jcrashkit/OWASP-Web-Checklist
OWASP Web Application Security Testing Checklist
jcrashkit/panizza
:pizza: Panizza is a minimalist boilerplate for using zurb's panini templating system.
jcrashkit/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
jcrashkit/poc-graphql
Research on GraphQL from an AppSec point of view.
jcrashkit/Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
jcrashkit/requests-racer
Small Python library that makes it easy to exploit race conditions in web apps with Requests.
jcrashkit/retrofit
A type-safe HTTP client for Android and the JVM
jcrashkit/singularity
A DNS rebinding attack framework.
jcrashkit/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
jcrashkit/webthing
Iot webthing using mozilla gateway for raspberry pi
jcrashkit/wssip
Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
jcrashkit/ysoserial.net
Deserialization payload generator for a variety of .NET formatters