Pinned Repositories
anticsrftokenbypass1
A python script to bypass the anti-csrf token by validating if there is length based validation for the token.
aptos-core
A layer 1 for everyone!
Awesome-DevSecOps-Platforms
A curated list of awesome security platforms,including CTF/Security Response Center/Bug Tracker and so on.
bugbountytools_setup
Bug Bounty Tools Setup Script
CIA-Hacking-Tools
Hacking Tools
Crypto-OpSec-SelfGuard-RoadMap
Here we collect and discuss the best DeFi, Blockchain and crypto-related OpSec researches and data terminals - contributions are welcome.
deepce
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
Smart-Contract-Audits
Smart Contract security audit reports
Smart-Contract-Security-Audits
Certified Smart Contract Audits for Ethereum, Solana, Near, Cardano, Aptos, Sui, Binance Smart Chain, Fantom, EOS, Tezos by Chainsulting
websecresearch's Repositories
websecresearch/auditd
Best Practice Auditd Configuration
websecresearch/commonCrawlParser
Simple multi threaded tool to extract domain related data from commoncrawl.org
websecresearch/Cybersecleague-writeups
Cybersec League: hackathon i escape room w jednym
websecresearch/hack.cert.pl-writeups
archiwum zadań CTF ze wszystkich konkursów organizowanych i współorganizowanych przez CERT Polska
websecresearch/Hands-On-Bug-Hunting-for-Penetration-Testers
Hands-On Bug Bounty for Penetration Testers, published by Packt
websecresearch/hawkeye
Hawkeye filesystem analysis tool
websecresearch/ios-analysis
Automated Binary Analysis on iOS
websecresearch/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
websecresearch/kube-scan
Kubernetes Scanner
websecresearch/lazyshot
The simplest way to take an automated screenshot of given URLs. Easy installation! Edit
websecresearch/Magisk-Frida-Server
template
websecresearch/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
websecresearch/meetup
⭐️ Repositorio oficial de Angular Medellín ⭐️
websecresearch/nforceit_IoT
This programm is used to auto discover vulnerabilities from extracted IoT device firmware
websecresearch/psycho-path
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source code or the filesystem.
websecresearch/RoboBurp
Robot Framework Library for BurpSuite to perform authenticated scan on an application.
websecresearch/s3-buckets-finder
Find aws s3 buckets and extract datas.
websecresearch/security-template
A static website template for security pages.
websecresearch/SubDomainTakeoverTools
websecresearch/SubOver
A Powerful Subdomain Takeover Tool
websecresearch/Swiftness
A note-taking macOS app for penetration-testers.
websecresearch/TakeOver-v1
Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdomain takeover vulnerability.
websecresearch/Telewreck
A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.
websecresearch/terraform-burp-collaborator
Terraform configuration to build a Burp Private Collaborator Server
websecresearch/the-definite-guide-to-arm-exploitation
Code Samples for the book "The Definite Guide to ARM Exploitation"
websecresearch/ThingsTranslator
ThingsTranslator is an Android application by which you can detect things and detect text and also you can translate it into your own local language.
websecresearch/wordlists-for-nmap
websecresearch/xssfinder
Toolset for detecting reflected xss in websites
websecresearch/ysoserial.net
Deserialization payload generator for a variety of .NET formatters
websecresearch/zap-cicd-integration
A python script which is designed to integrate vulnerability assessment capabilities using OWASP Zed Attack Proxy (ZAP) into CI/CD platforms and pipelines