TheSecurityVault is my blog, where I do some writing about web vulnerabilities, usually not that well known by most peopleXXExploiter - Tool to help exploit XXE vulnerabilities. It generates the XML payloads, and automatically starts a server to serve the needed DTD's or to do data exfiltration.



CSRFER - Tool to generate csrf payloads based on vulnerable requests. It parses supplied requests to generate either a form or a fetch request. The payload can then be embedded in an html template.



VSCode Swissknife - Scriptable VSCode extension to generate or manipulate data. Stop pasting sensitive data in webpages.



DamnVulnerableCryptoApp - An app with really insecure crypto. To be used to see/test/exploit weak cryptographic implementations as well as to learn a little bit more about crypto, without the need to dive deep into the math behind it





The Combiner - Combines supplied words and generates a wordlist with all possible combinatios/permutations. Can also hash wordlist entries to look for an hash match

hash-identifier-jsStarted as a port to javascript of the python project hash-identifier. Identifies the algorithm used to generate the supplied hash