manuel-sommer's Stars
apache/superset
Apache Superset is a Data Visualization and Data Exploration Platform
blacklanternsecurity/bbot
The recursive internet scanner for hackers. 🧡
Azure/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
everywall/ladder
Self-hosted alternative to 12ft.io and 1ft.io. Bypass paywalls with a proxy ladder and remove CORS headers from any URL
S3cur3Th1sSh1t/WinPwn
Automation for internal Windows Penetration Test / AD-Security
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshotting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
x90skysn3k/brutespray
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
lutfumertceylan/top25-parameter
For basic research, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
s4n7h0/xvwa
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
enjoiz/XXEinjector
Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
dwisiswant0/crlfuzz
A fast tool to scan CRLF vulnerability written in Go
hakluke/weaponised-XSS-payloads
XSS payloads designed to turn alert(1) into P1
tadwhitaker/Security_Engineer_Interview_Questions
Every Security Engineer Interview Question From Glassdoor.com
screetsec/Dracnmap
Dracnmap is an open source program which is used to exploit the network and gather information with nmap's help. The nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scanning utilizing the script engine of nmap, and nmap can perform various automatic scanning techniques with the advanced commands.
elkokc/reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
TakSec/google-dorks-bug-bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
BuffaloWill/oxml_xxe
A tool for embedding XXE/XML exploits into different filetypes
wireghoul/dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
r0075h3ll/Oralyzer
Open Redirection Analyzer
incredibleindishell/SSRF_Vulnerable_Lab
This lab contains sample code which is vulnerable to Server-Side Request Forgery attacks
utkusen/promptmap
automatically tests prompt injection attacks on ChatGPT instances
cujanovic/Open-Redirect-Payloads
Open Redirect Payloads
capture0x/XSS-LOADER
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
TheCyb3rAlpha/BobTheSmuggler
"Bob the Smuggler": A tool that leverages the HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into 7z/zip file format, then XOR encrypts the archive and then hides it inside PNG/GIF image file format (Image Polyglots).
jcesarstef/dotdotslash
Search for Directory Traversal Vulnerabilities
aquasecurity/vuln-list
NVD, Ubuntu, Alpine
fcavallarin/domdig
DOM XSS scanner for Single Page Applications
faiyazahmad07/xss_vibes
A modern tool written in Python that automates your xss findings.
lauritzh/domscan
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
roughiz/lfito_rce
LFI to RCE via phpinfo() assistance or via controlled log file