Non-authoritatively making Frida less (not un-!)detectable by applying some symptomatic patches. Melded with CrackerCat/strongR-frida-android, hzzheyang/strongR-frida-android and Ylarod/Florida. No…

RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.

CVE-2024-0044

Active Directory information dumper via LDAP

This shell script fix VMWare 17.x "cannot open /dev/vmmon" error in Ubuntu 21.10 and Ubuntu 22.04

This is the repository which is synced to the gitbook wiki at https://www.netexec.wiki/

A guide to using Lean Product Design on your project

A tool to guess the rest of the shortnames provided by vulnerable IIS instances.

An IIS short filename enumeration tool

A Burp Suite extension that checks for the HTTPoxy vulnerability.

Finds unknown classes of injection vulnerabilities

This is the data that powers the PortSwigger URL validation bypass cheat sheet.

The .NET library for ImageMagick

📷 A modern, cross-platform, 2D Graphics library for .NET

Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing

Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762

out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability

An implementation of the TLS/SSL protocols

A quick reference for understanding the nature and severity of vulnerabilities in TLS configurations and implementations.

Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.

JWT Support for Burp

Various pentest stuff

sslscan tests SSL/TLS enabled services to discover supported cipher suites

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Simple tool based on sslyze to scan large scope and provide SSL/TLS vulnerabilities