VulnLab is a web vulnerability lab project developed by Yavuzlar. Vulnerabilities SQL InjectionCross Site Scripting (XSS)Command InjectionInsecure Direct Object References…
Http2Smugl tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1…
Whatfiles is a Linux utility that logs what files another program reads/writes/creates/deletes on your system. It traces any new processes…
Second-Order is a Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs (and other data)…
Mandiant-Azure-AD-Investigator repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity.…
Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading. Using sockets, it analyzes which ports are…
T-Reqs-HTTP-Fuzzer (Two Requests) is a grammar-based HTTP Fuzzer written as a part of the paper titled "T-Reqs: HTTP Request Smuggling with Differential Fuzzing"…
Wireshark-Forensics-Plugin is the most widely used network traffic analyzer. It is an important tool for both live traffic analysis &…
dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both…
Http-Desync-Guardian is to Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks. HTTP/1.1 went through a long evolution since 1991…