doyensec Goto Github PK

ajpfuzzer

A command-line fuzzer for the Apache JServ Protocol (ajp13)

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security

burp-rest-api

REST/JSON API to the Burp Suite security tool.

burpdeveltraining

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs

confuser

Dependency Confusion Security Testing Tool

csptburpextension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

cve-2022-39299_poc_generator

A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml

damn-vulnerable-graphql-application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

db-race-conditions-playground

Database Race Condition Playground. Made with 🧡 by Doyensec LLC.

electron

:electron: Build cross-platform desktop apps with JavaScript, HTML, and CSS

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

electronegativity-action

The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD.

enumerate-iam

Enumerate the permissions associated with AWS credential set

find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and Scala projects) :bug:

fuzz

fuzz code from openssl updated to target libressl

gqlspection

GQLSpection - parses GraphQL introspection schema and generates possible queries

hoppertheme

Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights

imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

jekyll-algolia

Add fast and relevant search to your Jekyll site

keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

libajp13

AJPv1.3 Java Library

libressl-portable

oidc-ssrf

An Evil OIDC Server

oss-fuzz

OSS-Fuzz - continuous fuzzing of open source software

pesd-exporter-extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

poiex

🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends

protoburp

Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages

prototype-pollution-gadgets-finder