Doyensec's Projects
A command-line fuzzer for the Apache JServ Protocol (ajp13)
A curated list of awesome resources about Electron.js (in)security
REST/JSON API to the Burp Suite security tool.
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Blogpost series showcasing interesting cloud - web app security bugs
Dependency Confusion Security Testing Tool
CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Database Race Condition Playground. Made with 🧡 by Doyensec LLC.
Build cross-platform desktop apps with JavaScript, HTML, and CSS
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD.
Enumerate the permissions associated with an AWS credential set
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Groovy and Scala projects)
Fuzz code from OpenSSL updated to target LibreSSL
GQLSpection - parses GraphQL introspection schema and generates possible queries
Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights
The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Add fast and relevant search to your Jekyll site
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
AJPv1.3 Java Library
An Evil OIDC Server
OSS-Fuzz - continuous fuzzing of open source software
PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
Visualize and explore IaC. Create and share notes in VS Code. Sync notes and findings in real-time with friends.
Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages