Repository History
Explore all analyzed open source repositories
Meta-GraphQL-Beautifier: Enhance Burp Suite for GraphQL Requests
Meta-GraphQL-Beautifier is a Burp Suite extension designed to improve the readability and analysis of Meta GraphQL requests. It provides beautification and highlighting features, making it easier for security professionals to work with complex GraphQL traffic. This tool streamlines the process of identifying and understanding potential vulnerabilities within GraphQL endpoints.
hakoriginfinder: Discovering Origin Hosts Behind Reverse Proxies
hakoriginfinder is a powerful Go-based tool designed to uncover the true origin host behind reverse proxies, including cloud-based Web Application Firewalls (WAFs). It achieves this by comparing HTTP responses from potential origin IP addresses against the original proxy response using the Levenshtein algorithm. This functionality makes it an invaluable asset for security researchers and penetration testers looking to bypass WAFs and identify underlying infrastructure.
CloakQuest3r: Uncovering Real IPs Behind Cloudflare and Reverse Proxies
CloakQuest3r is an open-source Python tool designed for security professionals to uncover the real origin IP addresses of websites protected by Cloudflare and other reverse proxy services. It achieves this through comprehensive subdomain enumeration, DNS history analysis, and SSL certificate examination. This tool is invaluable for authorized security testing and strengthening web infrastructure defenses.
Sirius: Open-Source Vulnerability Scanner with Real-time Monitoring
Sirius is an open-source, comprehensive vulnerability scanner that integrates community-driven security intelligence and automated penetration testing. Its latest v0.4.0 release introduces robust system monitoring and observability features, enhancing its capabilities. The platform offers a user-friendly interface and a quick Docker-based setup, making it accessible for security professionals.
evilginx2: Advanced Phishing with 2FA Bypass Framework
evilginx2 is a powerful man-in-the-middle attack framework designed for advanced phishing campaigns. It effectively captures login credentials and session cookies, enabling the bypass of two-factor authentication. Written in Go, this standalone application integrates its own HTTP and DNS server for easy setup and use.
linux-persistence: A Go-based Linux Persistence Tool for Security Research
linux-persistence is a comprehensive Linux persistence tool written in Go, designed exclusively for security research and authorized penetration testing. It offers a wide array of techniques to maintain access on Linux systems, making it a valuable resource for red team exercises and security awareness training.