Doyensec's Projects
A command-line fuzzer for the Apache JServ Protocol (ajp13)
A curated list of awesome resources about Electron.js (in)security
REST/JSON API to the Burp Suite security tool.
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Blogpost series showcasing interesting cloud - web app security bugs
Dependency Confusion Security Testing Tool
A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
:electron: Build cross-platform desktop apps with JavaScript, HTML, and CSS
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD.
Enumerate the permissions associated with an AWS credential set
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Groovy and Scala projects) :bug:
fuzz code from openssl updated to target libressl
GQLSpection - parses GraphQL introspection schema and generates possible queries
Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights
The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Add fast and relevant search to your Jekyll site
KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.
AJPv1.3 Java Library
An Evil OIDC Server
OSS-Fuzz - continuous fuzzing of open source software
PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages
Pickle decompiler plugin for Radare2
Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)