Alternatives and similar repositories for BFScan:

Users that are interested in BFScan are comparing it to the libraries listed below

• doyensec / CSPTBurpExtension
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆133Updated 8 months ago
• m4ll0k / autobreakpointer
  Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code
  ☆84Updated 3 months ago
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆134Updated 3 months ago
• sw33tLie / uff
  unleashed ffuf
  ☆111Updated 8 months ago
• dsecuredcom / ffufPostprocessing
  Golang tool which helps dropping the irrelevant entries from your ffuf result file.
  ☆132Updated 6 months ago
• j3ssie / custom-bcheck-scan
  This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…
  ☆93Updated last year
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆57Updated 9 months ago
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆180Updated last month
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆94Updated 9 months ago
• c3l3si4n / quickcert
  A better way of querying certificate transparency logs
  ☆84Updated 3 months ago
• ngalongc / AuthzAI
  ☆166Updated 5 months ago
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆253Updated 10 months ago
• ElSicarius / chunkloader
  A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs
  ☆63Updated 3 weeks ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆91Updated 9 months ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆61Updated 2 years ago
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆249Updated last week
• BugBountyzip / Bambdas
  ☆130Updated 4 months ago
• nxenon / grpc-pentest-suite
  gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications
  ☆211Updated last month
• Rhynorater / rebindMultiA
  ☆60Updated 2 years ago
• xssdoctor / graphqlMaker
  Finds graphql queries in javascript files
  ☆58Updated 10 months ago
• doyensec / protoburp
  Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages
  ☆36Updated last year
• msrkp / MXSS
  Awesome MXSS ??
  ☆48Updated 5 months ago
• midoxnet / mapperplus
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆170Updated 5 months ago
• PortSwigger / splitting-the-email-atom
  ☆74Updated 5 months ago
• Icare1337 / LibreOffice_Tips_Bug_Bounty
  Some tips for Bug Bounty using LibreOffice
  ☆46Updated 3 weeks ago
• wdahlenburg / VhostFinder
  Identify virtual hosts by similarity comparison
  ☆118Updated 7 months ago
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆39Updated last week
• 0x999-x / jsluicepp
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆267Updated 11 months ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆75Updated last year
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆83Updated 4 months ago