CWFF – Create Your Custom Wordlist For Fuzzing
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible...
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible...
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.Example...
Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes...
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP...
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files...
The Rapid7 Metasploit team is taking a page from DEF CON’s “SAFE MODE” operations this year, hosting our annual Open...
In part one of this two-part series on the cloud and cloud security for security professionals, we dove into everything...
Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing...
Terminal and Web console for KubernetesFeatures Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) Switch contexts interactively Authentication support...
commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github...
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across...
SummaryContext: The Court of Justice of the European Union (CJEU) struck down the EU-US Privacy Shield (Privacy Shield) as a...
This week Rapid7 welcomes Joe FitzPatrick, a lead researcher at securinghardware.com, as he discusses what it takes to run a...
A polyglot payload generator IntroductionSNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected...
Perform automated network reconnaissance scans to gather network intelligence.IntelSpy is a multi-threaded network intelligence spy tool which performs automated enumeration...
"I've built plugins for four SOAR vendors, and your model was the most mature. You had the best code quality...
Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windowsBlogpost: https://redteamer.tips/?p=108To be used with a cmd that does whatever the F you want, for a...
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)This script use "WafW00f" to detect the...
Modern environments today are, well, complex. They often include a concoction of on-premises, cloud, container, and virtualization services. There’s a...
Search Google, Bing, Yahoo or Yandex for a search term with different websites. A default list is already provided, which...
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan...
Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during...
AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web...
Welcome to the Permission Manager!Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBAC management...