Femida
Automated blind-xss search for Burp Suite Femida is a tool that helps you find blind XSS vulnerabilities in your web application. It uses Burp Suite as a proxy to intercept and analyze HTTP requests. Femida is a Python script that can be run from the command line. It's a great tool for security researchers and penetration testers who want to automate their blind XSS searches. Femida is open-source and free to use. It's available on GitHub and can be easily installed using pip.
FEATURES
ALTERNATIVES
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
Command line tool for testing CRLF injection on a list of domains.
A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.
Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.