Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

Learning Penetration Testing of Android Applications

CVE-2022-41852 Proof of Concept (unofficial)

Lucideus CyberGym is the internal CTF event we organise for our security professionals to grow and learn together. Now everyone can access the challenges that can be easily setup and start playing.

Burp Suite extension to passively scan for applications revealing server error messages

JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.

Burp extension to passively scan for applications revealing software version numbers

JSONPath extension for BurpSuite

Burp Suite extension for parsing Swagger web service definition files

A reinforced version of the Wavsep evaluation platform.

🐧 The Linux Simulator

Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests

Burp Extender to add unique form tokens to scanner requests.

Spider and analyze vaadin applications with OWASP ZAP - the app mediates between the two.

Hack like a pro

A Burp Extension to test Authorization and Broken Access Control!