🦁 Python project to identify and scan for vulnerabilities related to the Joomla CMS project. It scans for common misconfigurations and public vulnerabilities.
☆172May 2, 2024Updated last year
Alternatives and similar repositories for juumla
Users that are interested in juumla are comparing it to the libraries listed below
Sorting:
- 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials☆99Mar 12, 2024Updated last year
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆59Sep 6, 2021Updated 4 years ago
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆453Jan 9, 2024Updated 2 years ago
- WRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.☆19Nov 30, 2022Updated 3 years ago
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- This is the ringzer0 writeup of web exploitation catagery. The name is "Word mean something"☆14Dec 8, 2023Updated 2 years ago
- 😛 Golang project to exploit an EL Injection vulnerability (CVE-2017-1000486) that affects the Primefaces 5.X versions. This project supp…☆18Apr 18, 2023Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- 🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.☆429May 15, 2025Updated 9 months ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Dec 24, 2023Updated 2 years ago
- bypassing the twitter safety link firewall :)☆12May 4, 2025Updated 10 months ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Feb 19, 2021Updated 5 years ago
- 🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).☆298Oct 5, 2024Updated last year
- 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.☆27May 23, 2023Updated 2 years ago
- A python script to dump files and folders remotely from a Windows SMB share.☆227Jan 31, 2025Updated last year
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.☆41Apr 18, 2024Updated last year
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.☆28Nov 12, 2023Updated 2 years ago
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.☆937Aug 24, 2023Updated 2 years ago
- HTTP Request Smuggling Detection Tool☆535Dec 21, 2023Updated 2 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- Service that scans your Infrastructure as Code for common vulnerabilities☆49Dec 14, 2023Updated 2 years ago
- A parallel scanner that utilises axiom to spin up servers and parallel scan using masscan.☆16Jul 1, 2020Updated 5 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- It's a simple tool for test vulnerability shellshock☆119Mar 18, 2021Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆659Aug 28, 2025Updated 6 months ago
- Vaf is a cross-platform very advanced and fast web fuzzer written in nim☆320May 29, 2022Updated 3 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 3 months ago
- ☆46Mar 20, 2021Updated 4 years ago
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆970Dec 8, 2021Updated 4 years ago
- Web application pentesting recon☆23Jul 25, 2020Updated 5 years ago
- HTTP requests of FrontPage expolit☆25Dec 19, 2013Updated 12 years ago
- wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themes☆15Oct 20, 2018Updated 7 years ago
- echoes(回响)是一款Github,红队监测工具☆14Mar 31, 2022Updated 3 years ago
- A simple multi-threaded distributed SSH brute-forcing tool written in Python☆461Oct 30, 2022Updated 3 years ago
- Static code analysis tool based on Elasticsearch☆129Jan 23, 2021Updated 5 years ago
- 陆续补充一些自己写的cobaltstrike插件☆45Nov 5, 2021Updated 4 years ago