Pinned Repositories
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
a-full-list-of-wordlists
this contain the burp pack
aws-report
AWS Report is a tool for analyzing amazon resources.
CVE-2022-1388-Exploit-POC
PoC for CVE-2022-1388_F5_BIG-IP
fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Log4j-Detector
This script will help you to automate exploit scanning againts a list of URL's
Microsoft-CVE-2022-26809-The-Little-Boy
The poc for CVE-2022-26809 RCE via RPC will be updated here.
OpenRedireX
A Fuzzer for OpenRedirect issues
SSL-Pining-BypassScripts
VMware-CVE-2022-22954
POC for VMWARE CVE-2022-22954
sherlocksecurity's Repositories
sherlocksecurity/VMware-CVE-2022-22954
POC for VMWARE CVE-2022-22954
sherlocksecurity/CVE-2022-1388-Exploit-POC
PoC for CVE-2022-1388_F5_BIG-IP
sherlocksecurity/Microsoft-CVE-2022-26809-The-Little-Boy
The poc for CVE-2022-26809 RCE via RPC will be updated here.
sherlocksecurity/Log4j-Detector
This script will help you to automate exploit scanning againts a list of URL's
sherlocksecurity/OpenRedireX
A Fuzzer for OpenRedirect issues
sherlocksecurity/SSL-Pining-BypassScripts
sherlocksecurity/aws-report
AWS Report is a tool for analyzing amazon resources.
sherlocksecurity/gitGraber
gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
sherlocksecurity/sql-injection-payload-list
🎯 SQL Injection Payload List
sherlocksecurity/acunetix
acunetix 13 crack by mtd
sherlocksecurity/broken-link-checker
Find broken links, missing images, etc within your HTML.
sherlocksecurity/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
sherlocksecurity/PyIntelX
I'm designed to search and extract data from the [IntelligenceX] IntelX API using specific keywords
sherlocksecurity/attacking-and-auditing-docker-containers-and-kubernetes-clusters
Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
sherlocksecurity/awsHackerX
sherlocksecurity/BountyCalculator
sherlocksecurity/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
sherlocksecurity/certsio
sherlocksecurity/CVE-2020-1206-POC
CVE-2020-1206 Uninitialized Kernel Memory Read POC
sherlocksecurity/CVE-2023-4762-Code-Review
sherlocksecurity/ImageMagick-POC
ImageMagick LFI PoC [CVE-2022-44268]
sherlocksecurity/IPRotate_Burp_Extension
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
sherlocksecurity/KeysV1
sherlocksecurity/log4shell-vulnerable-app
A Basic Java Application Vulnerable to the Log4Shell RCE
sherlocksecurity/ParamSpider
Mining parameters from dark corners of Web Archives
sherlocksecurity/postMessage-tracker
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
sherlocksecurity/SherlockPortals
A simple python script to check if a domain is using external services like Zendesk, OneDirect, Freshwork, Freshdesk
sherlocksecurity/Sudomy
Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format
sherlocksecurity/TceTrainings
sherlocksecurity/Vmware-CVE-2022-22972