Swurg is a Burp Suite extension designed for OpenAPI testing. The OpenAPI Specification (OAS) defines a standard, programming language-agnostic interface…
STEWS is a tool suite for security testing of Web Sockets This research was first presented at OWASP Global AppSec US…
Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and moreFor…
Forbidden is to Bypass 4xx HTTP response status codes. Based on PycURL. Script uses multithreading, and is based on brute forcing…
AirStrike is a tool that automates cracking of WPA-2 Wi-Fi credentials using client-server architecture. Requirements Airstrike uses Hashcat Brain Architecture, aircrack-ng suite, entr utility…
IAM Vulnerable is to use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.. IAM Vulnerable uses the…
IDA2Obj is a tool to implement SBI (Static Binary Instrumentation). The working flow is simple: Dump object files (COFF) directly from one executable binary.Link the object files into…
DLLHijackingScanner is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification. Generate Header from CSV The python script CsvToHeader.py can be…
ClusterFuzzLite is a continuous fuzzing solution that runs as part of Continuous Integration (CI) workflows to find vulnerabilities faster than ever before. With just…
Crawpy is Yet another content discovery tool written in python. What makes this tool different than others: It is written…