0xdsm / juumlaView external linksLinks
π¦ Python project to identify and scan for vulnerabilities related to the Joomla CMS project. It scans for common misconfigurations and public vulnerabilities.
β172May 2, 2024Updated last year
Alternatives and similar repositories for juumla
Users that are interested in juumla are comparing it to the libraries listed below
Sorting:
- πΉ Python project to bruteforce Apache Tomcat manager login with known-default credentialsβ99Mar 12, 2024Updated last year
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Poβ¦β59Sep 6, 2021Updated 4 years ago
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on itβ453Jan 9, 2024Updated 2 years ago
- WRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.β19Nov 30, 2022Updated 3 years ago
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.β20Feb 2, 2024Updated 2 years ago
- This is the ringzer0 writeup of web exploitation catagery. The name is "Word mean something"β14Dec 8, 2023Updated 2 years ago
- π Golang project to exploit an EL Injection vulnerability (CVE-2017-1000486) that affects the Primefaces 5.X versions. This project suppβ¦β18Apr 18, 2023Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.β185Nov 22, 2021Updated 4 years ago
- π΅οΈ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.β426May 15, 2025Updated 8 months ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticalβ¦β41Dec 24, 2023Updated 2 years ago
- bypassing the twitter safety link firewall :)β12May 4, 2025Updated 9 months ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or Lβ¦β132Feb 19, 2021Updated 4 years ago
- π A DNS automated scanner and tool π±οΈ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).β297Oct 5, 2024Updated last year
- π WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.β27May 23, 2023Updated 2 years ago
- A python script to dump files and folders remotely from a Windows SMB share.β227Jan 31, 2025Updated last year
- Python script to launch burp scans automaticallyβ33Jul 18, 2021Updated 4 years ago
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.β41Apr 18, 2024Updated last year
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.β28Nov 12, 2023Updated 2 years ago
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.β936Aug 24, 2023Updated 2 years ago
- HTTP Request Smuggling Detection Toolβ535Dec 21, 2023Updated 2 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource loadβ297Sep 22, 2024Updated last year
- Service that scans your Infrastructure as Code for common vulnerabilitiesβ49Dec 14, 2023Updated 2 years ago
- Saves pages to Wayback machineβ13Dec 2, 2024Updated last year
- It's a simple tool for test vulnerability shellshockβ119Mar 18, 2021Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters andβ¦β802Jul 4, 2023Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β657Aug 28, 2025Updated 5 months ago
- Vaf is a cross-platform very advanced and fast web fuzzer written in nimβ321May 29, 2022Updated 3 years ago
- Hacked together script for feeding urls into Burp's Sitemapβ93Dec 7, 2025Updated 2 months ago
- β46Mar 20, 2021Updated 4 years ago
- declutters url lists for crawling/pentestingβ1,522Feb 23, 2025Updated 11 months ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirectsβ971Dec 8, 2021Updated 4 years ago
- Web application pentesting reconβ23Jul 25, 2020Updated 5 years ago
- HTTP requests of FrontPage expolitβ25Dec 19, 2013Updated 12 years ago
- echoes(εε)ζ―δΈζ¬ΎGithubοΌηΊ’ιηζ΅ε·₯ε ·β14Mar 31, 2022Updated 3 years ago
- wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themesβ15Oct 20, 2018Updated 7 years ago
- A simple multi-threaded distributed SSH brute-forcing tool written in Pythonβ462Oct 30, 2022Updated 3 years ago
- Static code analysis tool based on Elasticsearchβ130Jan 23, 2021Updated 5 years ago
- ιη»θ‘₯ε δΈδΊθͺε·±εηcobaltstrikeζδ»Άβ45Nov 5, 2021Updated 4 years ago
- Post-Exploitation module for Penetration Tester and Hackers.β27Dec 29, 2021Updated 4 years ago