Stars
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attac…
CVE-2025-32433 https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
curl-like access to AWS resources with AWS Signature Version 4 request signing.
Official Writeups for HackTheBox Business CTF 2025: Operation Blackout
Authorization Bypass in Next.js Middleware
Contains all the scripts and sample apps related to android in app protections.
A TrollStore installer for iOS 14.0 - 16.6.1
Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications
Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.
A semi-interactive PHP shell compressed into a single file.
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
🍝 A Burp Suite extension that allows you to save, paste and organize values during your web security testing assessments.
Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
Cmd.exe Command Obfuscation Generator & Detection Test Harness
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more c…