Aur0ra-m / Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
☆30Updated last year
Alternatives and similar repositories for Autorize:
Users that are interested in Autorize are comparing it to the libraries listed below
- 一款BurpSuite插件,辅助手工测试☆72Updated last year
- god_param☆40Updated last year
- 一款支持检测host头攻击的burp suite插件☆51Updated last year
- weblogic批量打入内存马,electron+vue3+springboot实现。☆51Updated last year
- HiddenDomainHunter☆20Updated 2 years ago
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆104Updated 3 months ago
- 针对部署在Weblogic上的Shiro☆44Updated last year
- nuclei模版生成插件☆106Updated last year
- 一个既可主动,又可被动提取链接的burp插件☆42Updated last year
- 一个简单的批量反编译jar包的小脚本☆35Updated 3 years ago
- burpsuite插件-被动无感识别指纹-主动poc扫描☆26Updated 7 months ago
- 直接导入需要碰撞的IP和域名,工具多线程碰撞速度快,访问状态码200成功时则会高亮。☆53Updated last year
- 快速测试是否存在FastAdmin框架相关漏洞☆22Updated 6 months ago
- 基于 Json 、自定义Go脚本的多协程验证扫描器,用于快速验证目标是否存在该漏洞或深层次利用。☆39Updated 5 months ago
- ARL 灯塔的 WIH 利用☆28Updated 9 months ago
- ☆39Updated 5 months ago
- Java命令行文件监控小工具(代码审计)☆101Updated 3 years ago
- 经过优化的渗透测试Payload字典、Fuzz Payload字典。Penetration testing Payload dictionary, Fuzzy Payload dictionary☆36Updated 9 months ago
- 一款扫描js中敏感api的burp插件☆34Updated last year
- 某软最新公开gadgegt,新加入不出网利用。☆62Updated 7 months ago
- Burp-plugin☆16Updated 9 months ago
- nacos api bypass & jwt bypass & get all configs☆41Updated last year
- ☆23Updated 2 years ago
- 一个js文件敏感信息搜集脚本,支持输入url和js文件,也支持批量敏感信息匹配。☆77Updated 2 years ago
- 支持注入内存马和Bypass WAF☆29Updated last year
- 手动收集各大SRC平台主域名,通过程序自动处理以格式化存入数据库中,便于配合其它信息搜集工具进一步测试。☆45Updated 4 months ago
- 根据域名生成备份文件字典(不扫描)☆23Updated 2 years ago
- iis高版本短文件名猜解脚本,适用于iis7.5~10.x版本的iis中间件。☆51Updated 2 weeks ago
- ssrf_proxy☆13Updated last year
- 云函数扫描器☆58Updated last year