Repositories list

• TInjA

  Public
  TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.

  Go

  •

  Apache License 2.0

  •36•397•2•1•Updated Dec 22, 2025Dec 22, 2025

• draft-meyerzuselha-oauth-web-message-response-mode

  Public

  Hackmanit/draft-meyerzuselha-oauth-web-message-response-mode’s past year of commit activity
  OAuth 2.0 Web Message Response Mode for Popup-based Authorization Flows

  HTML

  •0•0•3•0•Updated Nov 5, 2025Nov 5, 2025

• JWTF

  Public
  JWTF is a JavaScript-based tool for analyzing and manipulating JWTs. It is available at https://jwt.wtf/ and developed by Hackmanit GmbH (http://hackmanit.de/).

  jwttoken-based-authentication

  JavaScript

  •

  Apache License 2.0

  •0•5•2•0•Updated Oct 1, 2025Oct 1, 2025

• Web-Cache-Vulnerability-Scanner

  Public
  Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

  securitysecurity-auditscanner+ 10hackingpenetration-testingpentestingbugbountyhacking-toolvulnerability-scannerssecurity-scanner+ 3

  Go

  •

  Apache License 2.0

  •143•1.1k•0•0•Updated Sep 2, 2025Sep 2, 2025

• template-injection-table

  Public
  The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.

  SCSS

  •

  Apache License 2.0

  •10•105•0•0•Updated Jul 22, 2025Jul 22, 2025

• template-injection-playground

  Public

  Hackmanit/template-injection-playground’s past year of commit activity
  The Template Injection Playground allows to test a large number of the most relevant template engines for template injection possibilities.

  PHP

  •

  Apache License 2.0

  •14•55•1•1•Updated Jul 22, 2025Jul 22, 2025

• cheatsheet

  Public
  CSS

  •1•1•0•0•Updated Feb 14, 2024Feb 14, 2024

• xxelab

  Public
  A simple web app with a XXE vulnerability.

  HTML

  •

  MIT License

  •71•2•0•0•Updated May 30, 2022May 30, 2022

• HTTP-Secure-Header-Scanner

  Public archive

  Hackmanit/HTTP-Secure-Header-Scanner’s past year of commit activity
  PHP

  •

  MIT License

  •5•8•1•1•Updated Jun 23, 2021Jun 23, 2021

• OpenID-Connect-PHP

  Public
  Minimalist OpenID Connect client

  PHP

  •

  Other

  •395•2•0•0•Updated Jun 26, 2019Jun 26, 2019

• botan

  Public
  Crypto and TLS for C++11

  C++

  •

  BSD 2-Clause "Simplified" License

  •623•2•0•0•Updated Mar 27, 2018Mar 27, 2018

• botan-extended-tests

  Public
  C++

  •3•3•0•0•Updated Nov 21, 2016Nov 21, 2016

• botan-fuzzers

  Public
  Fuzzer instrumentation for botan

  C++

  •

  BSD 2-Clause "Simplified" License

  •0•2•0•0•Updated Apr 3, 2016Apr 3, 2016