Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Java 8,176 883 Updated Jul 26, 2024

frohoff / ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Java 7,537 1,728 Updated Mar 31, 2024

LandGrey / SpringBootVulExploit

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Java 5,665 1,293 Updated Mar 10, 2021

bastillion-io / Bastillion

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys.

Java 3,139 380 Updated May 20, 2024

scottyab / rootbeer

Simple to use root checking Android library and sample app

Java 2,385 429 Updated Jul 3, 2023

subhra74 / snowflake

Graphical SFTP client and terminal emulator with helpful utilities

Java 2,140 230 Updated May 4, 2024

SmartBear / soapui

SoapUI is a free and open source cross-platform functional testing solution for APIs and web services.

Java 1,536 607 Updated Mar 27, 2024

PortSwigger / param-miner

Java 1,171 157 Updated Jul 12, 2024

projectdiscovery / nuclei-burp-plugin

Nuclei plugin for BurpSuite

Java 1,130 114 Updated Jul 15, 2024

PortSwigger / http-request-smuggler

Java 950 102 Updated Dec 14, 2023

akto-api-security / akto

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

Java 920 183 Updated Jul 27, 2024

wetw0rk / AWAE-PREP

This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…

Java 840 289 Updated Feb 24, 2021

olacabs / jackhammer

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Java 719 162 Updated Mar 18, 2024

httptoolkit / httptoolkit-android

Automatic Android interception & debugging with HTTP Toolkit, for Android

Java 467 73 Updated May 8, 2024

CompassSecurity / SAMLRaider

SAML2 Burp Extension

Java 398 77 Updated Jun 25, 2024

PortSwigger / bambdas

Bambdas collection for Burp Suite Professional and Community.

Java 175 26 Updated Jul 23, 2024

akabe1 / OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

Java 170 28 Updated May 24, 2024

JGillam / burp-paramalyzer

Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.

Java 153 27 Updated Oct 1, 2022

moeinfatehi / Backup-Finder

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Java 152 29 Updated Mar 27, 2024

usdAG / FlowMate

FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application and matches their occurrences in the responses.

Java 149 9 Updated Jul 25, 2024