Skip to content
Security Innovation

Security Innovation

WhatTheFuzz

A very basic fuzzer to replicate the "sniper" functionality in Burp. WhatTheFuzz needs a source of invalid values. You can create one by adding a bunch of test cases to a text file (one per line) or I suggest you use FuzzDB, a great resource for that kind of thing. BSD License

Updated

JavaScript 0 0

websockets-chat-demo

This is an ultra basic websockets demo that builds chatroom-like functionality for demo in ILT. It includes no security features (such as AuthN/AuthZ) and some of the basic security features have been commented out for demonstration purposes (more secure lines are just above) originally forked from: https://github.com/heroku-examples/ruby-websockets-chat-demo but heavily modified (and made more insecure for demo purposes)

Updated

Python 0 1

ThickClientScripts

forked from arvinddoraiswamy/ThickClientScripts

My IDA scripts, tips and testing techniques for Thick Client applications.

Updated

scat

Static Code Analysis Tool for analyzing C# and ASP.NET applications without relying on binary analysis.

Updated

Python 2 2

looper

forked from CryptoPunk/looper

Itertools extension for generating large and complex datasets using generators.

Updated

Standard ML 0 3

Phone_research

forked from CryptoPunk/Phone_research

Updated

Python 0 11

mywebappscripts

forked from arvinddoraiswamy/mywebappscripts

A collection of all the lists, scripts and techniques I use while doing web application penetration tests.

Updated

SuperSecureBank

A vulnerable demo site for people to learn about Web Application Security

Updated

Python 0 0

TRACE-SSL-check

Checks trace and ssl security

Updated

TooManySecrets

Automatic hash detector and cracking plugin for Fiddler2

Updated

YASAT

YASAT (Yet Another Static Analysis Tool) is a very basic static analysis tool, really it's less about static analysis and more about running a group of regular expressions on a code base and generating a report on the resulting matches.

Updated

ProtoMiddler

forked from JonathanJoelBoyd/ProtoMiddler

This is a Fiddler2 Plugin that implements an Inspector for Protobuf.

Updated

AntiSQLi

forked from IronBox/AntiSQLi

A simple, easy to use .NET library for mitigating risk from SQL injection (SQLi) attacks

Updated

tide

forked from tecknicaltom/tide

tide editor

Updated

Python 1 1

burp2xml

Repo to track changes to the burp2xml script from Paul Haas of Redspin

Updated June 28, 2012

Python 1 9

blackmamba

forked from rootfoo/blackmamba

Blackmamba is a new concurrent networking library for Python. Blackmamba was built from the ground up leveraging the power of epoll and coroutines.

Updated

Transform

Transform is an easy to use encoder/decoder written in C#. It leverages the AntiXss library to make it easy to see how values are being encoded.

Updated

RegexMatcher

forked from joebasirico/RegexMatcher

A simple Regular Expression Matcher for .NET easy to use

Updated

OWASP-TeamMentor-Library

Updated

TestService

XML test thing for web!

Updated

Something went wrong with that request. Please try again.