Security Innovation

WhatTheFuzz

A very basic fuzzer to replicate the "sniper" functionality in Burp. WhatTheFuzz needs a source of invalid values. You can create one by adding a bunch of test cases to a text file (one per line) or I suggest you use FuzzDB, a great resource for that kind of thing. BSD License

Updated March 19, 2014

JavaScript 0 0

websockets-chat-demo

This is an ultra basic websockets demo that builds chatroom-like functionality for demo in ILT. It includes no security features (such as AuthN/AuthZ), and some of the basic security features have been commented out for demonstration purposes (more secure lines are just above). Originally forked from: https://github.com/heroku-examples/ruby-websockets-chat-demo but heavily modified (and made more insecure for demo purposes).

Updated March 08, 2014

Python 0 1

ThickClientScripts

forked from arvinddoraiswamy/ThickClientScripts

My IDA scripts, tips and testing techniques for Thick Client applications.

Updated November 18, 2013

scat

Static Code Analysis Tool for analyzing C# and ASP.NET applications without relying on binary analysis.

Updated October 20, 2013

Python 2 3

looper

forked from CryptoPunk/looper

Itertools extension for generating large and complex datasets using generators.

Updated October 10, 2013

Standard ML 0 3

Phone_research

forked from CryptoPunk/Phone_research

Updated October 07, 2013

Python 0 11

mywebappscripts

forked from arvinddoraiswamy/mywebappscripts

A collection of all the lists, scripts and techniques I use while doing web application penetration tests.

Updated August 23, 2013

SuperSecureBank

A vulnerable demo site for people to learn about Web Application Security

Updated August 15, 2013

Python 0 0

TRACE-SSL-check

Checks TRACE and SSL security

Updated August 09, 2013

TooManySecrets

Automatic hash detector and cracking plugin for Fiddler2

Updated June 26, 2013

YASAT

YASAT (Yet Another Static Analysis Tool) is a very basic static analysis tool; really, it's less about static analysis and more about running a group of regular expressions on a code base and generating a report on the resulting matches.

Updated June 24, 2013

ProtoMiddler

forked from JonathanJoelBoyd/ProtoMiddler

This is a Fiddler2 Plugin that implements an Inspector for Protobuf.

Updated June 19, 2013

AntiSQLi

forked from IronBox/AntiSQLi

A simple, easy to use .NET library for mitigating risk from SQL injection (SQLi) attacks

Updated May 13, 2013

tide

forked from tecknicaltom/tide

tide editor

Updated April 29, 2013

Python 1 1

burp2xml

Repo to track changes to the burp2xml script from Paul Haas of Redspin

Updated June 28, 2012

Python 1 9

blackmamba

forked from rootfoo/blackmamba

Blackmamba is a new concurrent networking library for Python. Blackmamba was built from the ground up leveraging the power of epoll and coroutines.

Updated July 19, 2011

Transform

Transform is an easy to use encoder/decoder written in C#. It leverages the AntiXss library to make it easy to see how values are being encoded.

Updated March 11, 2011

RegexMatcher

forked from joebasirico/RegexMatcher

A simple, easy-to-use Regular Expression Matcher for .NET

Updated March 04, 2011

OWASP-TeamMentor-Library

Updated January 25, 2011

TestService

XML test thing for web!

Updated September 27, 2010
