Automated all-in-one OS command injection and exploitation tool. Detects and exploits command injection vulnerabilities in web applications …
Wordlist for content (directory) brute-force discovery with Burp or dirsearch
[V5] This will help you setup a grabber with the following features: History, Passwords, Tokens, Cookies, Emails, IP Addresses, Roblox Login …
Open source compliance automation for SOC 2, GDPR, ISO27001, NIST 800-53, and more
perhaps the best CORS middleware library for Go
Lightweight program to find all known misconfigurations in CORS (Cross-Origin Resource Sharing) implementations. Tests for null origin, pre-…
Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from the https://crt.sh website.
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
Discover new target domains using Content Security Policy
A CTF / reverse-engineering Skills bundle for beginners: automatic triage, brainstorming, teaching mode, competition mode, hints-only mode
✂️ Removing CDN IPs from the list of IP addresses
A series of weaknesses has been discovered that could allow an attacker to inject malicious code into aspects of the setup script, which ca…
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions ar…
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
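A collection of all the popular CVE, PoC, and CNVD attack payloads, testing tools, and fuzzing resources I have used for vulnerability verification since I started penetration testing; one repository that covers many attack-testing scenarios, ready to use out of the box.
This repo gathers all available CVE exploits from GitHub. ⚠️ Be careful: malware.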
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Open-source cybersecurity analysis agent for Claude Code. Scans projects for vulnerabilities across all OWASP 2025 Top 10 and CWE Top 25 cat…
List of some cybersecurity conferences
Cybersecurity Notes For Intermediate and Advanced Hackers | CEH Exam Prep Also Included
AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tes…
This repository contains Bug Bounty writeups
Fast parameter analysis and XSS scanner. Features DOM-based XSS detection, built-in BAC (Blind XSS), custom payloads, headless Chrome suppor…
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.