This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? 🐳 🛡️ 🔒

Script to manage and create local pentesting training virtual lab

All that is required to run MobSF in the ci

Ready to use images of Zap and Glue, especially for CI integration.

Pentesting Suite Deployer for Raspbian Stretch

An exploitation tool to extract passwords using CVE-2015-5995.

This bash script will configure Windows to allow and deny two different person on the computer from accessing/executing each others data. Will also deny any access of denyuser to System32 and SysWOW64 important files. I had this idea when people were starting to screw with my remote desktop server.

A few utilities to work with JWTs.

This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer

Bash program to infect and covertly communicate with infected devices over Google Sheets.

Stage Two containers of OWASP PurpleTeam

shiba is a finder of api token in git history.

Bash wrapper for X.509 certificate linting and PKI validation.

Tools for cluster-based DoS experiments

Fixing a vulnerable web-server after intrusion. Patches for the Network Security Course Project, ETH Zurich, HS 2021.

Integrate our security scans with your CircleCI CI/CD pipeline

An open-source Bash wrapper for x509 certificate testing.

DevOps Laboratoire d'Intrusion

Typical JAAS in web applications