spwn3r49sd3r00
Security Researcher, AppSec Engineer securing & breaking things one day at a time.
FormAssemblyColorado
spwn3r49sd3r00's Stars
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
maurosoria/dirsearch
Web path scanner
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
LasCC/HackTools
The all-in-one browser extension for offensive security professionals 🛠
pwntester/ysoserial.net
Deserialization payload generator for a variety of .NET formatters
deepfence/SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
archerysec/archerysec
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
stevenvachon/broken-link-checker
Find broken links, missing images, etc within your HTML.
harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
sting8k/BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
irsdl/IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
wireghoul/dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
github/codeql-cli-binaries
Binaries for the CodeQL CLI
honoki/bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
BishopFox/sj
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
mrwadams/stride-gpt
An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
awslabs/threat-composer
A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
g0ldencybersec/gungnir
CT Log Scanner
Syzik/DockerRegistryGrabber
Enumerate / Dump Docker Registry
c0dejump/HExHTTP
Header Exploitation HTTP
happycakefriends/certainly
Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scenarios.
doyensec/CSPTBurpExtension
CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
dirtycoder0124/XSS-Automation
doyensec/Prototype-Pollution-Gadgets-Finder
TAM-K592/CVE-2024-40725-CVE-2024-40898
CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks.
0xf4n9x/SonicWall_SSL-VPN_EXP
SonicWALL SSL-VPN Web Server Vulnerable Exploit
ADDVulcan/ADDVulcan
ADDVulcan satellite hacking solutions for for Hack-A-Sat 2020
watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806
Exploit for the CVE-2024-5806
jakewarren/tldomains
Tiny library to parse the subdomain, domain, and tld extension from a host string