Alternatives and similar repositories for BFScan:

Users that are interested in BFScan are comparing it to the libraries listed below

• doyensec / CSPTBurpExtension
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆136Updated 9 months ago
• j3ssie / custom-bcheck-scan
  This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…
  ☆94Updated last year
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆134Updated 4 months ago
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆96Updated 10 months ago
• m4ll0k / autobreakpointer
  Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code
  ☆89Updated 3 months ago
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆254Updated 11 months ago
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆183Updated 2 months ago
• doyensec / Prototype-Pollution-Gadgets-Finder
  ☆88Updated 11 months ago
• ElSicarius / chunkloader
  A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs
  ☆63Updated last month
• dsecuredcom / ffufPostprocessing
  Golang tool which helps dropping the irrelevant entries from your ffuf result file.
  ☆135Updated 7 months ago
• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆156Updated 8 months ago
• sw33tLie / uff
  unleashed ffuf
  ☆111Updated 9 months ago
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆273Updated this week
• 0x999-x / jsluicepp
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆272Updated last year
• BugBountyzip / Bambdas
  ☆131Updated 5 months ago
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆220Updated 9 months ago
• PortSwigger / js-miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆62Updated last year
• ngalongc / AuthzAI
  ☆169Updated 6 months ago
• midoxnet / mapperplus
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆172Updated 6 months ago
• ethicalhackingplayground / pathbuster
  A path-normalization pentesting tool.
  ☆126Updated last year
• bnematzadeh / LoggerPlusPlus-API-Filters
  A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles
  ☆220Updated 6 months ago
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆44Updated last month
• Rhynorater / rebindMultiA
  ☆62Updated 2 years ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆75Updated last year
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆179Updated 2 years ago
• PortSwigger / auth-analyzer
  ☆76Updated 11 months ago
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆87Updated 5 months ago
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆58Updated 10 months ago
• Syzik / DockerRegistryGrabber
  Enumerate / Dump Docker Registry
  ☆175Updated last year
• vitorfhc / gecko
  Chrome extension for automating CSPT discovery
  ☆77Updated 3 weeks ago