MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common…
Php_Code_Analysis is a tool to Scan your PHP code for vulnerabilities the script can find check_file_upload issueshost_header_injectionSQl injectioninsecure deserializationopen_redirectSSRFXSSLFIcommand_injection Features…
DNSObserver is a handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities.…
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities. Install cd /optgit clone https://github.com/stark0de/nginxpwnercd nginxpwnerchmod +x…
VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the…
Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities. Supported Versions Windows…
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.…
Confused is a tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python…
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities. Why? I wanted to write…
Horusec is an open source tool that performs static code analysis to identify security flaws during the development process. Currently,…