Alternatives and similar repositories for BFScan

Users that are interested in BFScan are comparing it to the libraries listed below

• doyensec / CSPTBurpExtension
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆139Updated 10 months ago
• j3ssie / custom-bcheck-scan
  This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…
  ☆96Updated last year
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆97Updated 11 months ago
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆187Updated 3 months ago
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆134Updated 5 months ago
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆255Updated 11 months ago
• 0x999-x / jsluicepp
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆273Updated last year
• midoxnet / mapperplus
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆170Updated 7 months ago
• avlidienbrunn / archivealchemist
  Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
  ☆66Updated this week
• sw33tLie / uff
  unleashed ffuf
  ☆112Updated 10 months ago
• ngalongc / AuthzAI
  ☆175Updated 6 months ago
• PortSwigger / bambdas
  Bambdas collection for Burp Suite Professional and Community.
  ☆315Updated this week
• m4ll0k / autobreakpointer
  Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code
  ☆89Updated 4 months ago
• ElSicarius / chunkloader
  A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs
  ☆67Updated 2 months ago
• BugBountyzip / Bambdas
  ☆132Updated 6 months ago
• bnematzadeh / LoggerPlusPlus-API-Filters
  A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles
  ☆224Updated 6 months ago
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆45Updated last week
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆76Updated last year
• vitorfhc / gecko
  Chrome extension for automating CSPT discovery
  ☆82Updated 2 weeks ago
• doyensec / GQLSpection
  GQLSpection - parses GraphQL introspection schema and generates possible queries
  ☆84Updated 2 months ago
• reewardius / bbFuzzing.txt
  ☆387Updated last week
• xnl-h4ck3r / knoxnl
  This is a python wrapper around the amazing KNOXSS API by Brute Logic
  ☆262Updated last month
• dsecuredcom / ffufPostprocessing
  Golang tool which helps dropping the irrelevant entries from your ffuf result file.
  ☆136Updated 7 months ago
• hisxo / JSpector
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆360Updated last year
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆221Updated 10 months ago
• nxenon / grpc-pentest-suite
  gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications
  ☆218Updated 2 months ago
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆88Updated 6 months ago
• Rhynorater / rebindMultiA
  ☆62Updated 2 years ago
• Net-hunter121 / API-Wordlist
  ☆240Updated 3 years ago
• intruder-io / guidtool
  A tool to inspect and attack version 1 GUIDs
  ☆221Updated 2 years ago