Alternatives and similar repositories for BFScan

Users that are interested in BFScan are comparing it to the libraries listed below

• doyensec / CSPTBurpExtension
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆140Updated 11 months ago
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆189Updated 3 months ago
• m4ll0k / autobreakpointer
  Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code
  ☆89Updated 5 months ago
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆138Updated 5 months ago
• 0x999-x / jsluicepp
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆274Updated last year
• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆163Updated 9 months ago
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆255Updated last year
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆328Updated 3 weeks ago
• j3ssie / custom-bcheck-scan
  This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…
  ☆98Updated last year
• midoxnet / mapperplus
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆169Updated 8 months ago
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆99Updated 11 months ago
• BugBountyzip / Bambdas
  ☆133Updated 6 months ago
• avlidienbrunn / archivealchemist
  Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
  ☆115Updated 3 weeks ago
• ngalongc / AuthzAI
  ☆176Updated 7 months ago
• ElSicarius / chunkloader
  A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs
  ☆68Updated 3 months ago
• daffainfo / match-replace-burp
  Useful "Match and Replace" burpsuite rules
  ☆347Updated last year
• Invicti-Security / brainstorm
  A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
  ☆311Updated 6 months ago
• dsecuredcom / ffufPostprocessing
  Golang tool which helps dropping the irrelevant entries from your ffuf result file.
  ☆137Updated 8 months ago
• Syzik / DockerRegistryGrabber
  Enumerate / Dump Docker Registry
  ☆177Updated last year
• bnematzadeh / LoggerPlusPlus-API-Filters
  A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles
  ☆224Updated 7 months ago
• nxenon / h2spacex
  HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks
  ☆177Updated last week
• francisconeves97 / jxscout
  jxscout superpowers JavaScript analysis for security researchers
  ☆141Updated last week
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆77Updated last year
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆222Updated 11 months ago
• reewardius / bbFuzzing.txt
  ☆387Updated this week
• ethicalhackingplayground / pathbuster
  A path-normalization pentesting tool.
  ☆127Updated last year
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆90Updated 7 months ago
• sw33tLie / uff
  unleashed ffuf
  ☆199Updated last week
• PortSwigger / splitting-the-email-atom
  ☆81Updated 8 months ago
• xnl-h4ck3r / knoxnl
  This is a python wrapper around the amazing KNOXSS API by Brute Logic
  ☆271Updated last week