dheater
xssmap
dheater | xssmap | |
---|---|---|
9 | 1 | |
173 | 139 | |
1.2% | 0.0% | |
6.4 | 10.0 | |
14 days ago | over 1 year ago | |
Python | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dheater
- D(HE)ater
-
CVE-2002-20001 - disable Diffie-Hellman (DHE) key exchange on everything
I was going off what the document at https://github.com/Balasys/dheater suggests in that disabling it in pretty much everything.
- CVE-2002-20001 recommends disabling Diffie-Hellman on Apache and nginx
- GitHub - Balasys/dheater: D(HE)ater is a security tool can perform DoS attack by enforcing the DHE key exchange.
- D(HE)ater is a security tool can perform DoS attack by enforcing the DHE key exchange
- Server overload by enforcing DHE key exchange using minimal bandwidth
xssmap
-
Docker explained for pentesters
Let's take a look at an example. We assume that we want to create an environment to automate several tools, including xira. The contents of the directory holding our scripts:
What are some alternatives?
ssl-config-generator - Mozilla SSL Configuration Generator
embark - EMBArk - The firmware security scanning environment
SBSCAN - SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]
bandit - Bandit is a tool designed to find common security issues in Python code.
pyOpenSSL -- A Python wrapper around the OpenSSL library - A Python wrapper around the OpenSSL library
masscan_as_a_service - masscan as a service
CVE-2021-37740 - PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.
oxo - OXO is a security scanning orchestrator for the modern age.
Dossify
tartufo - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
poc - Proof of Concepts
Twisted - Event-driven networking engine written in Python.