Pinned Repositories
GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
rmiscout
RMIScout uses wordlist and brute-force strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Burp-Scanner-OOB-Checks
This is a Burp extension that adds payloads requiring out-of-band validation to the active scanner. Works great with XSSHunter.
dart
Dynamic Animation and Robotics Toolkit
phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
security-cheatsheets
A collection of cheatsheets for various infosec tools and topics.
truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
the-bumble's Repositories
the-bumble/Burp-Scanner-OOB-Checks
This is a Burp extension that adds payloads requiring out-of-band validation to the active scanner. Works great with XSSHunter.
the-bumble/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
the-bumble/security-cheatsheets
A collection of cheatsheets for various infosec tools and topics.
the-bumble/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
the-bumble/dart
Dynamic Animation and Robotics Toolkit
the-bumble/droopescan
A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
the-bumble/elasticsearch
Open Source, Distributed, RESTful Search Engine
the-bumble/elasticsearch-lang-python
Python language Plugin for ElasticSearch
the-bumble/eshost
A uniform wrapper around a multitude of ECMAScript hosts. CLI: https://github.com/bterlson/eshost-cli
the-bumble/gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
the-bumble/GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
the-bumble/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
the-bumble/pyes
Python connector for ElasticSearch
the-bumble/PyGithub
Typed interactions with the GitHub API v3
the-bumble/the-bumble.github.io
GitHub Pages site
the-bumble/vimperator-labs
Vimperator