A security focused static analysis tool for Android and Java applications.

Find secrets with Gitleaks 🔑

Elf binary infector written in Go.

Code signing and transparency for containers and binaries

RCE in NPM VSCode Extension

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Shared lists of problem domains people may want to block with hosts files

A tool for IDN homograph attacks and detection.

Interactive cli tool for HTTP inspection

PoC helper scripts and Dockerfile for CVE-2019-1002101

A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418

A Go tool to help identify Deprecated Go Modules.

Terrier is a Image and Container analysis tool that can be used to scan Images and Containers to identify and verify the presence of specific files according to their hashes.

A container analysis and exploitation tool for pentesters and engineers.

A set of vulnerable Golang programs

A set of packages for reuse within Heroku Go applications

A HTTP PoC Endpoint for cve-2020-5260 which can be deployed to Heroku

The Illustrated TLS 1.2 Connection: Every byte explained

Tweets metadata scraper & activity analyzer

PTY interface for Go

Frida core library intended for static linking into bindings

Security-focused static analysis for the Phoenix Framework

A couple of methods for detecting Frida on Android.

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Web path scanner

Credentials recovery project