Pinned Repositories
BB-legal-FR
Quelques conseils autour des obligations légales, fiscales et juridique pour la pratique du Bug Bounty en France
ctf-party
:triangular_flag_on_post: A CLI tool & library to enhance and speed up script/exploit writing with string conversion/manipulation.
firefox-extension-arch-search
A set of Web Extensions that adds ArchLinux (bug tracker, forum, packages, wiki, AUR) as a search engine to the Firefox browser.
flask-session-cookie-manager
:cookie: Flask Session Cookie Decoder/Encoder
haiti
:key: Hash type identifier (CLI & lib)
OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
pass-station
CLI & library to search for default credentials among thousands of Products / Vendors
rawsec-cybersecurity-inventory
An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Umbraco-RCE
Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
noraj's Repositories
noraj/BB-legal-FR
Quelques conseils autour des obligations légales, fiscales et juridique pour la pratique du Bug Bounty en France
noraj/vrt-cli
A simple tool to visualize VRT (Vulnerability Rating Taxonomy) from the CLI.
noraj/hacktricks
noraj/XSS-classification-model
:speech_balloon: XSS classification model - Types of Cross-Site Scripting
noraj/huxdemp
A better hexdump
noraj/Pinkerton
🕵️ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python
noraj/goop
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
noraj/mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
noraj/node-build
Install NodeJS versions
noraj/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
noraj/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
noraj/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
noraj/catalog-1
The shard catalog for shardbox.org
noraj/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
noraj/command_kit.rb
A Ruby toolkit for building complete and robust CLI commands.
noraj/content
The content behind MDN Web Docs
noraj/ferdium-recipes
Recipes encapsulate your favourite apps into Ferdium for unified notifications handling and more
noraj/Flask-Unsign
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
noraj/gulp-data
Generate a data object from a variety of sources: json, front-matter, database, anything... and set it to the file object for other plugins to consume.
noraj/hexo-theme-icarus
A simple, delicate, and modern theme for the static site generator Hexo.
noraj/hexxy
a modern and beautiful alternative to xxd and hexdump.
noraj/ldap-passback-docker
noraj/publish-extensions
Scripts for publishing VS Code extensions to open-vsx.org
noraj/pwning-juice-shop
Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"
noraj/reptor
noraj/session
Simple session middleware for Express
noraj/Smap
a drop-in replacement for Nmap powered by shodan.io
noraj/sourcemapper
Extract JavaScript source trees from Sourcemap files
noraj/trackerjacker
Like nmap for mapping wifi networks you're not connected to, plus device tracking
noraj/vscode-languagetool-linter
A from scratch redesign of LanguageTool integration for VS Code.