srand2

Pinned Repositories

apache-log-parser
0 1 00
burp-auto-gql
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
Language:Python1 0 00
CheckPoint-Firewall-Enum
simple bash script to obtain the firewall's hostname and ICA name
Language:Shell0 1 00
lfimap
Local file inclusion discovery and exploitation tool
Language:Python1 0 00
mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
Language:HTML1 0 00
ShadowScan
"ShadowScan captures the essence of stealthiness, slow scanning, and the pursuit of vulnerabilities like low-hanging fruit.
Language:PowerShell0 1 00
toaster
Language:HTML00

srand2's Repositories

srand2/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
0 0
srand2/BurpFeed
Hacked together script for feeding urls into Burp's Sitemap
srand2/firebaseExploiter
FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing.
Language:Go0 0
srand2/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
srand2/GTFOBLookup
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), and WADComs (https://wadcoms.github.io).
srand2/guidtool
A tool to inspect and attack version 1 GUIDs
srand2/JSFScan.sh
Automation for javascript recon in bug bounty.
srand2/JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
Language:C++0 0
srand2/Koh
The Token Stealer
Language:C#
srand2/ldapnomnom
Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)
srand2/match-replace-burp
Useful Match and Replace BurpSuite Rules
srand2/metlo
Metlo is an open-source API security platform.
Language:TypeScript0 0
srand2/mimikatz
A little tool to play with Windows security
srand2/obsidian-pentesting-vault
Sample Obsidian's vault for web pentesting
0 0
srand2/penelope
Penelope Shell Handler
srand2/phpimageshells
A purposely vulnerable application in order to demonstrate PHP payload smuggling techniques for PNG files.
srand2/Private-Nuclei-Templates
nuclei-templates
srand2/pywerview
A (partial) Python rewriting of PowerSploit's PowerView
srand2/RITM
Roast in the Middle
Language:Python0 0
srand2/secret-diver
Language:Go0 03
srand2/SeeYouCM-Thief
Language:HTML0 0
srand2/SharpEfsPotato
Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
Language:C#0 0
srand2/sourcemapper
Extract JavaScript source trees from Sourcemap files
srand2/sqlmap-AES-encrypt-payload
sqlmap AES encrypt payload
Language:Python0 0
srand2/testr
TESTR - Vulnerable Python Web-App to practice XSS and Command Injection
srand2/vulnado
Purposely vulnerable Java application to help lead secure coding workshops
Language:Java0 0
srand2/warf
WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Language:Python0 0
srand2/WebHeckScanner
A hacking tool for bug bounties. Sharing and modifying is encouraged!
Language:Python0 0
srand2/XSS-Catcher
Find blind XSS but why not gather data while you're at it.
Language:JavaScript0 0
srand2/xss2png
PNG IDAT chunks XSS payload generator
Language:Python0 0