Yara-Scanner
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
Some useful syntax reminders for SQL Injection into various databases. Informix: SQL Injection into Informix databases. MSSQL: SQL Injection into MSSQL databases. Oracle: SQL Injection into Oracle databases. MySQL: SQL Injection into MySQL databases. Postgres: SQL Injection into PostgreSQL databases. DB2: Finding a SQL injection vulnerability in a web application backed by DB2 isn’t too common in my experience. Ingres: Ingres seems to be one of the less common database backends for web applications, so I thought it would be worth installing it and making some notes to make my next Ingres-based web app test a little easier. SQL Injection cheatsheet, database, pentest, sqlinjection, 0
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
A vulnerable Android application demonstrating various security issues and vulnerabilities
Open source security auditing tool to search and dump system configuration.
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
A community website for API security news, vulnerabilities, and best practices
FullHunt is a next-generation attack surface security platform that enables companies to discover, monitor, and secure their external attack surfaces.