Pinned Repositories
anticsrftokenbypass1
A python script to bypass the anti-csrf token by validating if there is length based validation for the token.
aptos-core
A layer 1 for everyone!
Awesome-DevSecOps-Platforms
A curated list of awesome security platforms,including CTF/Security Response Center/Bug Tracker and so on.
bugbountytools_setup
Bug Bounty Tools Setup Script
CIA-Hacking-Tools
Hacking Tools
Crypto-OpSec-SelfGuard-RoadMap
Here we collect and discuss the best DeFi, Blockchain and crypto-related OpSec researches and data terminals - contributions are welcome.
deepce
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
Smart-Contract-Audits
Smart Contract security audit reports
Smart-Contract-Security-Audits
Certified Smart Contract Audits for Ethereum, Solana, Near, Cardano, Aptos, Sui, Binance Smart Chain, Fantom, EOS, Tezos by Chainsulting
websecresearch's Repositories
websecresearch/aem-hacker
websecresearch/awesome-embedded-and-iot-security
A curated list of awesome embedded and IoT security resources.
websecresearch/Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
websecresearch/corkami-pics
File formats explanations, logos redrawing...
websecresearch/curlshell
reverse shell using curl
websecresearch/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
websecresearch/freeCodeCamp
freeCodeCamp.org's open-source codebase and curriculum. Learn to code for free.
websecresearch/gospider
Gospider - Fast web spider written in Go
websecresearch/GPOddity
The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
websecresearch/graphql-wordlist
The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
websecresearch/humanify
Un-minify Javascript code using ChatGPT
websecresearch/Immunefi-bug-bounty-writeups-list
curation of all(most) immunefi bug bounty writeups I could find(till now)
websecresearch/intrudir-BypassFuzzer
Fuzz 401/403/404 pages for bypasses
websecresearch/IoT-Lab-Setup-Guide
websecresearch/IoT-Pentest-devices-and-purpose
websecresearch/jazzer
Coverage-guided, in-process fuzzing for the JVM
websecresearch/js-xss
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
websecresearch/KeePwn
A python tool to automate KeePass discovery and secret extraction.
websecresearch/nginxpwner
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
websecresearch/nuclei-ai-extension
Nuclei AI - Browser Extension for Rapid Nuclei Template Generation
websecresearch/OSCP-cheatsheet
websecresearch/OSCP-Tricks-2023
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
websecresearch/Penetration-List
Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-depth theory sections. Visit our Medium profile for more information.
websecresearch/Penetration-Testing
List of awesome penetration testing resources, tools and other shiny things
websecresearch/protobuf-extensibility-for-burp
websecresearch/Slack-Guardian
Slack Guardian is a proactive security suite that utilizes Python, Regex and Slack API to safeguard sensitive data posted on Slack Channels, ensuring seamless collaboration within Slack.
websecresearch/surf
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
websecresearch/turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
websecresearch/weird_proxies
Reverse proxies cheatsheet
websecresearch/Zphisher-GUI-Back_office
A Zphisher GUI Back-Office Plugin