Displaying 1 to 10 from 10 results

payloads - Git All the Payloads! A collection of web attack payloads.

  •    Shell

run ./get.sh to download external payloads and unzip any payload files that are compressed. Requests extracted from either packet captures or log files of capture the flag (ctf) events. Mostly raw data so not all requests are actual payloads, however requests should be deduplicated.

BlackWidow - A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website

  •    Python

BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. This software is released under the GNU General Public License v3.0. See LICENSE.md for details.

ATSCAN - Advanced Search & Mass Exploit Scanner- فاحص متقدم لبحث و استغلال الثغرات بالجملة

  •    Perl

● Search engine Google / Bing / Ask / Yandex / Sogou ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random engine. ● Extern commands execution. ● XSS / SQLI / LFI / AFD scanner. ● Filter wordpress and Joomla sites. ● Find Admin page. ● Decode / Encode Base64 / MD5 ● Ports scan. ● Collect IPs ● Collect E-mails. ● Auto detect errors. ● Auto detect Cms. ● Post data. ● Auto sequence repeater. ● Validation. ● Post and Get method ● Interactive and Normal interface. ● And more...




fusker - Fusker is a static HTTP server that provides optional security features for HTTP/Socket.io

  •    CoffeeScript

You think you're one raw dog? fusker.nodester.com Come at me bro. Please see this for a working express example. It's as easy as app.use(fusker.express.check); Detectives/payloads are the same as they would be for the fusker HTTP server. Make sure fusker is the first piece of middleware added.

albatar - Albatar is a SQLi exploitation framework in Python

  •    Python

I wrote Albatar to have a neat and tidy tool to exploit SQL Injection vulnerabilities. Unlike sqlmap, Albatar will not detect SQL Injection vulnerabilities, it was primarily designed to help me exploit not-so-straightforward SQLIs where sqlmap would need tweaking and patching to work.

sqli - A Laravel Artisan SQL Interactive Interface

  •    PHP

A Laravel 4 & 5 Artisan SQL Interactive Interface, plus a handful of Artisan commands to execute SQL queries.


libinjection-rs - Rust bindings for libinjection

  •    Rust

Rust bindings for libinjection. Fingerprints: Please refer to fingerprints.txt.

Offensive-Dockerfiles - Personal implementation of offensive tools as Dockerfiles

  •    Python

Personal implementation of offensive tools as Dockerfiles. Uses either alpine or python-slim base