Pinned Repositories
apache-log-parser
burp-auto-gql
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
CheckPoint-Firewall-Enum
simple bash script to obtain the firewall's hostname and ICA name
lfimap
Local file inclusion discovery and exploitation tool
mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
ShadowScan
"ShadowScan captures the essence of stealthiness, slow scanning, and the pursuit of vulnerabilities like low-hanging fruit.
toaster
srand2's Repositories
srand2/lfimap
Local file inclusion discovery and exploitation tool
srand2/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
srand2/awesome-vulnerable-apps
Awesome Vulnerable Applications
srand2/BB-profile-wagiro
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
srand2/cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
srand2/chatgpt-vscode
A VSCode extension that allows you to use ChatGPT
srand2/chaty
srand2/Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
srand2/CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
srand2/evilgophish
evilginx2 + gophish
srand2/GET-AUTOMATOR
Automates Arjun and speeds up parameter bruteforcing
srand2/GoogD0rk
google-dorker
srand2/gotestwaf
An open-source project in Golang to assess different API Security tools and WAF for detection logic and bypasses
srand2/graudit
grep rough audit - source code auditing tool
srand2/java-xxe-research
srand2/linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
srand2/OneListForAll
Rockyou for web fuzzing
srand2/OneRuleToRuleThemStill
A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule
srand2/OSWE
OSWE Preparation
srand2/Parsia-Clone
Clone me and get your own authentic Parsia-Clone today.
srand2/pup
Parsing HTML at the command line
srand2/pwncat
Fancy reverse and bind shell handler
srand2/secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
srand2/sub-scout
srand2/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
srand2/trickest-wordlists
Real-world infosec wordlists, updated regularly
srand2/waymore
Find way more from the Wayback Machine!
srand2/web-hacking-playground
Web application with vulnerabilities found in real cases, both in pentests and in Bug Bounty programs.
srand2/wwwtree
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
srand2/xss_payloads-obfuscation-script
XSS payloads for edge cases