Search the Community

GoTestWAF is a tool for API and OWASP attack simulation, that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, and others. It was designed to evaluate web application security solutions, such as API security proxies, Web Application Firewalls, IPS, API gateways, and others. Changelog v0.3.1 Fixed bugs [hide][Hidden Content]]

Dismap positioning is an asset discovery and identification tool; its characteristic function is to quickly identify Web fingerprint information and locate asset types. Assist the red team to quickly locate the target asset information, and assist the blue team to find suspected vulnerabilities Dismap has a comprehensive fingerprint rule library, so you can easily customize new recognition rules. With the help of golang’s concurrency advantages, rapid asset detection and identification can be achieved Changelog v0.4 Optimize concurrency strategy to improve speed (a2a779f) Optimize json output (a2a779f) #19 Added giop protocol identification rules (edcf125) Added web fingerprinting rules [hide][Hidden Content]]

hack-browser-data is an open-source tool that could help you decrypt data[passwords|bookmarks|cookies|history] from the browser. It supports the most popular browsers on the market and runs on Windows, macOS, and Linux. Changelog v0.4 feat: support Go 1.18 generics, refactor project layout feat: add support for all published firefox feat: add color output for command line logs feat: add support chromium when some Linux distributions does not use D-Bus to get master key fix: getting wrong Chromium cookie file path error fix: check AES block size when decrypting Chromium password under Windows fix: export credit card failed for windows [hide][Hidden Content]]

Pentesters HackTools is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverses shells, and much more. Current functions: Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat) Shell Spawning (TTY Shell Spawning) XSS Payloads Basic SQLi payloads Local file inclusion payloads (LFI) Base64 Encoder / Decoder Hash Generator (MD5, SHA1, SHA256, SHA512) Useful Linux commands (Port Forwarding, SUID) Changelog v0.4 The new update is out! 🥳 Theme switcher, you can now switch between dark and white theme Powershell scripts has been added Obfuscated Files or Information is now available New SQLi payloads [hide][Hidden Content]]

Detect This vulnerabilities Remote Code Execution Linux XSS Reflected Template Injection Jinja2 ERB Java Twig Freemarker SQl Injection OS Support: Linux Android Windows [hide][Hidden Content]]

[Hidden Content]