Pentest Reconnaissance Tool in Javascript based on Ricardo Longatto version.
-
Updated
Jul 24, 2021 - JavaScript
Pentest Reconnaissance Tool in Javascript based on Ricardo Longatto version.
Firefox extension to check the presence of HTTP Security Headers and the implementation of the Subresource Integrity (SRI).
Simple and vulnerable NodeJS app prone to Cross-Site Scripting (XSS)
Dynamic analysis scripts for Android apps using Frida. Monitor and log method behaviors in real-time
A simple Node.js reverse shell useful for pentest ops
Useful notes about Web Application Security for Pentest/CTF/Redteaming. Thank you for your support.
Enumerate and exfiltrate files via out of band XXE, for situations where resolved entity is not displayed in the response, and directory listing is not available.
This HTML file creates a CSRF PoC form to any HTTP request.
Proof-Of-Concept of time-based username enumeration. This happens due to the time it costs to process a hash in the backend server and is often ignored or forgotten in audits.
A set of scripts to facilitate HTTP interception on mobile apps
A collection of utility scripts leveraging the Corellium API and designed to facilitate mobile pentesting.
Personal InfoSec blog
⭐⭐⭐⭐⭐ 识别网站上使用的技术和组件,收集网站上泄露的敏感信息。
One of the best extensions for Pentesters, the Hackbar, now in Firefox Quantum, but improved by 1000%, more features, more compact and visually remodeled.
Weaponize.it is your go-to resource for gaining insights into pentesting, bug bounty hunting, and scripting.
metamask and metaswap codebase introspection and tools
Add a description, image, and links to the pentest topic page so that developers can more easily learn about it.
To associate your repository with the pentest topic, visit your repo's landing page and select "manage topics."