Projects in Awesome Lists by doyensec

https://github.com/doyensec/inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

api-documentation-tool bugbounty bugbounty-tool burp-extensions burpsuite graphql graphql-security penetration-testing security-audit security-scanner security-tools

Last synced: 14 May 2025

https://github.com/doyensec/electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

electron electron-app nodejs security

Last synced: 15 May 2025

https://github.com/doyensec/regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

Last synced: 15 May 2025

https://github.com/doyensec/burpdeveltraining

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

burp-plugin burpsuite java security-automation training-materials

Last synced: 07 Apr 2025

https://github.com/doyensec/wsrepl

WebSocket REPL for pentesters

Last synced: 05 Apr 2025

https://github.com/doyensec/session-hijacking-visual-exploitation

Session Hijacking Visual Exploitation

appsec session-hijacking xss xss-exploitation

Last synced: 13 Apr 2025

https://github.com/doyensec/csptburpextension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

burp-extensions burpsuite cspt doyensec

Last synced: 14 Jun 2025

https://github.com/doyensec/csptplayground

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

appsec-testing cspt csrf websec websecurity

Last synced: 14 Jun 2025

https://github.com/doyensec/safeurl

A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.

appsec gosec ssrf

Last synced: 29 Apr 2025

https://github.com/doyensec/ajpfuzzer

A command-line fuzzer for the Apache JServ Protocol (ajp13)

ajp ajp13 fuzzer security

Last synced: 29 Apr 2025

https://github.com/doyensec/prototype-pollution-gadgets-finder

Last synced: 29 Apr 2025

https://github.com/doyensec/pesd-exporter-extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

Last synced: 27 Feb 2025

https://github.com/doyensec/PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

Last synced: 06 Mar 2025

https://github.com/doyensec/gqlspection

GQLSpection - parses GraphQL introspection schema and generates possible queries

Last synced: 29 Apr 2025

https://github.com/doyensec/poiex

🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends

collaborative-editing iac security security-tools semgrep vscode vscode-extension

Last synced: 29 Apr 2025

https://github.com/doyensec/standardizedimageprocessingtest

A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web

Last synced: 29 Apr 2025

https://github.com/doyensec/hoppertheme

Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights

Last synced: 27 Feb 2025

https://github.com/doyensec/oidc-ssrf

An Evil OIDC Server

Last synced: 29 Apr 2025

https://github.com/doyensec/confuser

Dependency Confusion Security Testing Tool

dependency-confusion npm security-audit security-tools

Last synced: 16 Jun 2025

https://github.com/doyensec/cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs

aws cloudsecurity terraform

Last synced: 29 Apr 2025

https://github.com/doyensec/unsafe-unpacking

Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide

Last synced: 14 Jun 2025

https://github.com/doyensec/vbox-fuzz

Companion to the "Introduction to VirtualBox security research" Blog Post

Last synced: 21 Jun 2025

https://github.com/doyensec/GQLSpection

GQLSpection - parses GraphQL introspection schema and generates possible queries

Last synced: 10 May 2025

https://github.com/doyensec/cve-2022-39299_poc_generator

A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml

Last synced: 29 Apr 2025

https://github.com/doyensec/r2pickledec

Pickle decompiler plugin for Radare2

Last synced: 29 Apr 2025

https://github.com/doyensec/vscode_poc_oct2019

Proof of Concept for a VSCode Python Extension Code Execution Vulnerability

Last synced: 29 Apr 2025

https://github.com/doyensec/imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.

conversion converters image-processing imagemagick scanner security security-policies security-tools