Corsy v1.0 - CORS Misconfiguration Scanner

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Requirements Corsy only works with Python 3 and has the following depencies: tld requests To install these dependencies, navigate to Corsy directory and execute pip3 install -r requirements.txt Usag...

Usbrip - Simple Command Line Forensics Tool For Tracking USB Device Artifacts (History Of USB Events) On GNU/Linux

usbrip derived from "USB Ripper", not "USB R.I.P." is an open source forensics tool with CLI interface that lets you keep track of USB device artifacts aka USB event history, "Connected" and "Disconnected" events on Linux machines. Description usbrip is a small piece of software written in pure...

Slither - Static Analyzer For Solidity

Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code...

Operative Framework HD - The Digital Investigation Framework, You Can Interact With Websites, Email Address, Company, People, Ip Address, And More

operative framework HD is the digital investigation framework, you can interact with websites, email address, company, people, ip address ... with basic/graphical view and export with XML, JSON. How to Install You need this packages mongoDB NPM Python 2 Create mongoDB database $ mongo $ use...

Trello: CSV injection [N/A]

Hello, We can inject commands in the name field of a board =210 or =cmd|'/C calc'!AO for example, and when it's exported to CSV it will be evaluated to 20 in the corresponding cell, this enables an attacker to spread malware and execute system level commands on a victim's machine if the victim...

Steamer - Import, Search, and Manage Public Password Breach Data

Import, manage, search public dumps. Do you have massive amounts of CSV, .sql, .txt, that have credentials, passwords, and hashes inside? Use Steamer to manage them! Load them into a MongoDB database, and either uses the console directly or just use the handy web interface complete with JSON...

JSON export doesn't differentiate public from internal comments

h4. +Summary+ Currently, when exporting a SD request to JSON format, it's not possible to tell which comment is internal or public from the JSON file. h4. +Steps to reproduce+ Go to Manage add-ons - All add-ons - jira-importers-plugin - Enable JSON export Create an SD request and add one internal...

JSON export doesn't differentiate public from internal comments

h4. +Summary+ Currently, when exporting a SD request to JSON format, it's not possible to tell which comment is internal or public from the JSON file. h4. +Steps to reproduce+ Go to Manage add-ons - All add-ons - jira-importers-plugin - Enable JSON export Create an SD request and add one internal...

Cookiescanner - Tool to Check the Cookie Flag for a Multiple Sites

Tool to do more easy the web scan proccess to check if the secure and HTTPOnly flags are enabled in the cookies path and expires too. This tools allows probe multiple urls through a input file, by a google domain looking in all subdomains or by a unique url. Also, supports multiple output like...

Trello: CSV Injection

Hello, We can inject commands in the name field of a board =210 for example, and when it's exported to CSV it will be evaluated to 20 in the corresponding cell, this enables an attacker to spread malware and execute system level commands on a victim's machine if the victim downloaded the CSV file...