DontGo403 is a tool designed to help Pentesters and Red Teams identify vulnerabilities in web servers that could be exploited to gain unauthorized access to resources. The tool does this by bypassing HTTP error code 403 responses, which are typically used to indicate that a user is not authorized to access a particular resource or webpage.
Mythic is a cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user friendly interface for operators, managers, and reporting.
Bad Secrets its a pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms.
Nginxpwner is a tool to look for common Nginx misconfigurations and vulnerabilities.
OpenRediWrecked is a powerful and sophisticated tool for detecting and exploiting open redirect vulnerabilities using the sed utility and a selected list of carefully crafted payloads with encoding techniques.
Bypass-url-parser is a tool designed to simplify theprocess of testing URL parsing vulnerabilities in web applications. It tests MANY url bypasses to reach a 40X protected page.
