tk-t0n0y Goto Github PK

infrastructure-pentesting-checklist

jeeves

Jeeves SQLI Finder

jsa

Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.

jwt-hack

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

jwt_tool

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

karma_v1

KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports.

karma_v2

⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Rconnaissance (framework)

kenzer-

automated web assets enumeration & scanning

key-checker

Go scripts for checking API key / access token validity

knife

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

kubernetes-goat

Kubernetes Goat 🐐 is a "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security 🔐

kunto-tool_cloner-

Kunto is a bash tool created for the purpose of installing tools fast. Kunto uses bash scripts hosted on github-pages through which the tools which are not available to REPOS can be installed using kunto if the script for the tool exists.

law

simple and personal

lb-192-30-252-153-iad

dgdb

leaky-paths

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

learning-resources

a curated list of "basic" knowledge that "good to know" by evilfactorylabs members. But feel free to take a look and learn together!

liffy

Local file inclusion exploitation tool

lit-bb-hack-tools

Little Bug Bounty & Hacking Tools⚔️

loggerh1

Python script for logging changes in hacker's reputation on h1

loggerplusplus-api-filters

A Collection of Logger++ Filters for Hunting API Vulnerabilities

logsensor

A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning

lorsrf

SSRF parameter bruteforce (use scant3r module instead)

m3u

machine-learning-articles

🧠💬 Articles I wrote about machine learning, archived from MachineCurve.com.

magic-checklist-for-web-applications

Web Security Checklist (Bug Bounty & Pentesting)

mapcidr

Small utility program to perform multiple operations for a given subnet/CIDR ranges.

masstomap

A bridge between masscan and nmap - run fast masscan, parse output, execute nmap using masscan as input

meg

Fetch many paths for many hosts - without killing the hosts

mobile-security-framework-mobsf

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

mr_url

A Tool to scrape URLs for a given domain from wayback machine, Commoncrawl and OTX Alienvault