run ./get.sh to download external payloads and unzip any payload files that are compressed. Requests extracted from either packet captures or log files of capture the flag (ctf) events. Mostly raw data so not all requests are actual payloads, however requests should be deduplicated.
payload payloads xss sqli web-attack-payloads passwordsBlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL's for common OWASP vulnerabilities. This software is released under the GNU General Public License v3.0. See LICENSE.md for details.
web application scanner osint fuzzer owasp vulnerability spider passive active sqli xss lfi rfi rce csrf automated scan report● Search engine Google / Bing / Ask / Yandex / Sogou ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random engine. ● Extern commands execution. ● XSS / SQLI / LFI / AFD scanner. ● Filter wordpress and Joomla sites. ● Find Admin page. ● Decode / Encode Base64 / MD5 ● Ports scan. ● Collect IPs ● Collect E-mails. ● Auto detect errors. ● Auto detect Cms. ● Post data. ● Auto sequence repeater. ● Validation. ● Post and Get method ● Interactive and Normal interface. ● And more...
dork server engine scanner xss lfi rfi ports exploitation sqli data vulnerability-scanners system security tools portscan shell web-application mass-exploitation-scannerIt is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on a given host, searching for SQLi vulnerabilities in a given URL, verifying that your Google dorks work like they should, verifying the algorithm of a given hash, scanning a URL for XSS vulnerability, and finding usable HTTP proxies. Once you have the program installed cd into the directory and run the following command: pip install -r requirements.txt This will install all of the programs needed libraries and should be able to be run from there.
proxies sqli vulnerability port-scanning hash-cracking google-dorks hash-verificationYou think you're one raw dog? fusker.nodester.com Come at me bro. Please see this for a working express example. It's as easy as app.use(fusker.express.check); Detectives/payloads are the same as they would be for the fusker HTTP server. Make sure fusker is the first piece of middleware added.
fusker hack protect csrf lfi xss sqli injection attack blacklist express socket security firewallAWS Lambda framework for building functions using Node.js for API Gateway, IoT applications, and other AWS events. Install via npm.
aws-lambda aws-lambda-framework jwt aws lambda framework validation wrapper api gateway sql sql-injection sqli injection attack iot serverlessI wrote Albatar to have a neat and tidy tool to exploit SQL Injection vulnerabilities. Unlike sqlmap, Albatar will not detect SQL Injection vulnerabilities, it was primarily designed to help me exploit not-so-straightforward SQLIs where sqlmap would need tweaking and patching to work.
sqliA Laravel 4 & 5 Artisan SQL Interactive Interface, plus a handful of Artisan commands to execute SQL queries.
sqli sqlite laravel databasesRust bindings for libinjection. Fingerprints: Please refer to fingerprints.txt.
libinjection rust-bindings sqli xss rust-cratePersonal implementation of offensive tools as Dockerfiles. Uses either alpine or python-slim base
docker pentest sqli osint offensive-security infosec hacking
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.