Skip to content
Change the repository type filter

All

    Repositories list

    • SQLBrute

      Public
      SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities.
      Python
      357101Updated Jan 21, 2020Jan 21, 2020
    • Tools developed for the book Network Security Tools: Writing, Hacking, and Modifying Security Tools (Published April 2005 by O'Reilly - ISBN 0-596-00794-9). These examples, along with the rest of the examples from the book, are also available from O'Reilly.
      Perl
      171500Updated Jan 21, 2020Jan 21, 2020
    • This is a Burp Suite plug-in designed to encode and decode WCF Binary Soap request and response data ("Content-Type: application/soap+msbin1). There are two versions of the plug-in available (consult the README for more information).
      C#
      254601Updated Jan 21, 2020Jan 21, 2020
    • blazentoo

      Public
      Blazentoo is an Adobe AIR application that can be used to exploit insecure Adobe BlazeDS and LiveCycle Data Services ES servers. Blazentoo provides the ability to seamlessly browse web content, abusing insecurely configured Proxy Services.
      6600Updated Jan 21, 2020Jan 21, 2020
    • A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here: http://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt
      Python
      8622562Updated Jan 21, 2020Jan 21, 2020
    • burpee

      Public
      Python object interface to requests/responses recorded by Burp Suite
      Python
      173610Updated Jan 21, 2020Jan 21, 2020
    • sentrygun

      Public
      Rogue AP killer
      Python
      101600Updated Jan 21, 2020Jan 21, 2020
    • C#
      GNU General Public License v2.0
      92001Updated Jul 25, 2019Jul 25, 2019
    • fusionpbx

      Public
      Official FusionPBX - A full-featured domain based multi-tenant PBX and voice switch for FreeSwitch.
      PHP
      661000Updated Jun 6, 2019Jun 6, 2019
    • A collection of publicly released whitepapers
      194900Updated Sep 1, 2017Sep 1, 2017
    • Solidity Contract Function Profiler
      JavaScript
      MIT License
      281600Updated Jul 21, 2017Jul 21, 2017
    • PSAttack

      Public
      A portable console aimed at making pentesting with PowerShell a little easier.
      C#
      MIT License
      2444400Updated Apr 4, 2017Apr 4, 2017
    • wifitap

      Public
      wifitap updated for BT5r3
      Python
      GNU General Public License v2.0
      5415211Updated Mar 28, 2017Mar 28, 2017
    • This library was co-developed with a leading financial institution in order to build a single solution for Cross-Site Request Forgery (CSRF) prevention that is flexible enough to deploy firm-wide within diverse Java/J2EE web application environments.
      Java
      Apache License 2.0
      242010Updated Feb 5, 2017Feb 5, 2017
    • sslscan

      Public
      sslscan tests SSL/TLS enabled services to discover supported cipher suites
      C
      GNU General Public License v3.0
      384300Updated Nov 13, 2016Nov 13, 2016
    • Python
      17200Updated Aug 25, 2016Aug 25, 2016
    • Script to test if a server is vulnerable to the JetLeak vulnerability
      Python
      6114431Updated Jul 1, 2016Jul 1, 2016
    • Utility for converting Findbugs, ESLint and PMD XML results into HP Fortify FPRs
      XSLT
      GNU General Public License v2.0
      10600Updated Apr 8, 2016Apr 8, 2016
    • Custom Fortify SCA rules to detect common JSSE certification validation flaws
      Java
      GNU General Public License v2.0
      91100Updated Nov 18, 2015Nov 18, 2015
    • Custom security ruleset for the popular Java static analysis tool PMD.
      Java
      GNU General Public License v2.0
      296120Updated Nov 18, 2015Nov 18, 2015
    • Python
      GNU General Public License v2.0
      102200Updated Nov 18, 2015Nov 18, 2015
    • Objective-C
      GNU General Public License v2.0
      82300Updated Nov 18, 2015Nov 18, 2015
    • Java
      Other
      6500Updated Dec 16, 2014Dec 16, 2014
    • Sample Findbugs custom detector for finding potentially insecure Scala code.
      Java
      4500Updated Nov 3, 2014Nov 3, 2014
    • ListLock APK contains the demo APK for the Using Mobile Substrate With Android Applications blog post
      Java
      GNU General Public License v3.0
      4900Updated Sep 23, 2014Sep 23, 2014
    • This repository contains slide decks and other materials for talks and research presented at various conferences.
      91000Updated Aug 14, 2014Aug 14, 2014
    • IronWASP module to test security of SSL services. Ported from http://www.bolet.org/TestSSLServer/
      C#
      121100Updated Sep 2, 2013Sep 2, 2013
    • mimegusta

      Public
      Configurable content-sniffing XSS test bed
      PHP
      4400Updated Jan 8, 2013Jan 8, 2013
    • AntiXSS for Java is a port of the Microsoft Anti-Cross Site Scripting (AntiXSS) v1.5 library for .NET applications. The library requires Java 1.4 or higher, but has no other prerequisites.
      Java
      181600Updated Jul 2, 2012Jul 2, 2012
    • Python
      202600Updated Nov 21, 2011Nov 21, 2011