yaworsk

yaworsk's Stars

• opnsec/postMessage-logger

  Simple "postMessage logger" Chrome extension

  Language:JavaScript9320

• harisaurus/react-native-workshop

  Language:JavaScript1927

• hakluke/hakrevdns

  Small, fast tool for performing reverse DNS lookups en masse.

  Language:Go1.4k155

• kapytein/jsonp

  jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.

  Language:Python15030

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python58.2k14.2k

• lgandx/CCrawlDNS

  This small utility retrieves from the CommonCrawl data set unique subdomains for a given domain name.

  Language:Python15242

• anshumanbh/git-all-secrets

  A tool to capture all the git secrets by leveraging multiple open source git searching tools

  Language:Go1.1k196

• tarraschk/richelieu

  List of the most common French passwords

  33799

• mindedsecurity/graphqlschema2payload

  Reverse engineers GQL Schema and generates template payloads

  Language:CSS447

• righettod/poc-graphql

  Research on GraphQL from an AppSec point of view.

  Language:Java40661

• GoesToEleven/GolangTraining

  Training for Golang (go language)

  Language:Go9.7k3.6k

• JuxhinDB/OOB-Server

  A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

  Language:Shell17971

• OWASP/CheatSheetSeries

  The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

  Language:Python27.1k3.8k

• secfigo/Awesome-Fuzzing

  A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

  5.2k809

• woj-ciech/LeakLooker

  Find open databases - Powered by Binaryedge.io

  1.3k306

• google/security-research-pocs

  Proof-of-concept codes created as part of security research done by Google Security Team.

  Language:C++1.9k246

• mandatoryprogrammer/JudasDNS

  Nameserver DNS poisoning attacks made easy

  Language:JavaScript516105

• firefart/CVE-2018-7600

  CVE-2018-7600 - Drupal 7.x RCE

  Language:Python7238

• EdOverflow/can-i-take-over-xyz

  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  Language:Python4.6k688

• tc39/security

  Discussion area for security aspects of ECMAScript

  646

• arkadiyt/bounty-targets-data

  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

  3k573

• eth0izzle/bucket-stream

  Find interesting Amazon S3 Buckets by watching certificate transparency logs.

  Language:Python1.7k208

• nahamsec/JSParser

  Language:Python781179

• natalysheinin/s3cur1ty-stuff

  Language:Python81

• orangetw/My-CTF-Web-Challenges

  Collection of CTF Web challenges I made

  Language:PHP2.6k477

• orangetw/Tiny-URL-Fuzzer

  A tiny and cute URL fuzzer

  Language:Python38683

• x0rz/phishing_catcher

  Phishing catcher using Certstream

  Language:Python1.7k345

• nahamsec/recon_profile

  Language:Shell405227

• cujanovic/SSRF-Testing

  SSRF (Server Side Request Forgery) testing resources

  Language:Python2.3k473

• mazen160/bfac

  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.

  Language:Python523106