What is Xcapy?
This a simple tool XSS Detection Suite for CTFs games
install & run
$ git clone "https://github.com/BlackWolfed/xcapy.git"
$ cd /xcapy
$ python3 xcapy.py
Connect with me:
This a simple tool XSS Detection Suite for CTFs games
Overview
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.
Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are
96 Dec 14, 2022
A GitHub action for organizations that enables advanced security code scanning on all new repos
Advanced-Security-Enforcer What this repository does This code is for an active GitHub Action written in Python to check (on a schedule) for new repos
30 May 17, 2022
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities
Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in
5 Aug 09, 2022
Automatically fetch, measure, and merge subscription links on the network, use Github Action
Free Node Merge Introduction Modified from alanbobs999/TopFreeProxies It measures the speed of free nodes on the network and import the stable and hig
52 Jul 16, 2022
A tool to crack a wifi password with a help of wordlist
A tool to crack a wifi password with a help of wordlist. This may take long to crack a wifi depending upon number of passwords your wordlist contains. Also it is slower as compared to social media ac
144 Dec 29, 2022
Description Basic Recon tool for beginners. Especially those who faces issue on how to recon or what all tools to use
Description Basic Recon tool for beginners. Especially those who faces issue on how to recon or what all tools to use. Will try to add atleast 10 more tools currently use 7 sources to gather domains.
7 Jan 03, 2022
Python implementation of the diceware password generating algorithm.
Diceware Password Generator - Generate High Entropy Passwords Please Note - This Program Do Not Store Passwords In Any Form And All The Passwords Are
35 Dec 25, 2022
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmdump is the
29.7k Jan 04, 2023
It's a simple tool for test vulnerability shellshock
Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to ex
88 Dec 23, 2022
Cobalt Strike Beacon configuration extractor and parser.
Cobalt Strike Configuration Extractor and Parser Overview Pure Python library and set of scripts to extract and parse configurations (configs) from Co
102 Dec 18, 2022
A fast sub domain brute tool for pentesters
subDomainsBrute 1.4 A fast sub domain brute tool for pentesters. It works with P
2 Oct 18, 2022
vulnerable APIs
vulnerable-apis vulnerable APIs inspired by https://github.com/mattvaldes/vulnerable-api Setup Docker If, Out of the box docker pull kmmanoj/vulnerabl
9 Jun 01, 2022
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell
log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne
60 Dec 10, 2022
Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives
pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows
10 Jul 28, 2022
一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景
OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测,被动探测,对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list
21 Aug 12, 2022
Springboot directory scanning
Springboot directory scanning
87 Dec 28, 2022
Brute-Force-Connected
Brute-Force-Connected Guess the password for Connected accounts the use : Create a new file and put usernames and passwords in it Example : joker:1234
4 Jun 05, 2022
A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks
5GC_API_parse Description 5GC API parse is a BurpSuite extension allowing to assess 5G core network functions, by parsing the OpenAPI 3.0 not supporte
57 Dec 16, 2022
Just another script for automatize boolean-based blind SQL injections.
SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi
51 Dec 15, 2022
A simple automatic tool for finding vulnerable log4j hosts
Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI
6 Mar 10, 2022