Bo0oM / ParamPamPam

Related projects: ⓘ

• cujanovic / CRLF-Injection-Payloads
  Payloads for CRLF Injection
  ☆210Updated 2 years ago
• kaimi-io / web-fuzz-wordlists
  Common Web Managers Fuzz Wordlists
  ☆170Updated 10 months ago
• wish-i-was / femida
  Automated blind-xss search for Burp Suite
  ☆276Updated 4 years ago
• lc / theftfuzzer
  TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  ☆308Updated last year
• daeken / SSRFTest
  SSRF testing tool
  ☆242Updated last year
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆233Updated 4 years ago
• SpiderMate / B-XSSRF
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆294Updated 5 years ago
• subfinder / goaltdns
  A permutation generation tool written in golang
  ☆205Updated 5 years ago
• neex / gifoeb
  exploit for ImageMagick's uninitialized memory disclosure in gif coder
  ☆279Updated 7 years ago
• Damian89 / extended-ssrf-search
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆275Updated 3 years ago
• defparam / tiscripts
  Turbo Intruder Scripts
  ☆214Updated 4 years ago
• In3tinct / See-SURF
  Python based scanner to find potential SSRF parameters
  ☆282Updated 5 months ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated last year
• dark-warlord14 / JSScanner
  You can read the writeup on this script here
  ☆266Updated 4 years ago
• 0xspade / Automated-Scanner
  Trying to make automated recon for bug bounties
  ☆249Updated 3 years ago
• Bo0oM / WAF-bypass-Cheat-Sheet
  Another way to bypass WAF Cheat Sheet (draft)
  ☆416Updated 5 years ago
• CoreyD97 / Stepper
  A natural evolution of Burp Suite's Repeater tool
  ☆194Updated 7 months ago
• fransr / template-generator
  A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…
  ☆247Updated last year
• mazen160 / server-status_PWN
  A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…
  ☆418Updated 3 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆340Updated 2 years ago
• c0rv4x / project-black
  Pentest/BugBounty progress control with scanning modules
  ☆285Updated 4 years ago
• cablej / FileChangeMonitor
  Continuous monitoring for JavaScript files
  ☆216Updated 4 years ago
• zseano / InputScanner
  ☆231Updated 6 years ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆195Updated 3 years ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆251Updated 2 years ago
• Cillian-Collins / subscraper
  Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…
  ☆221Updated 4 years ago
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆204Updated 4 years ago
• ArturSS7 / TukTuk
  Tool for catching and logging different types of requests.
  ☆217Updated 3 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆292Updated 4 years ago
• mazen160 / bfac
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆523Updated 2 years ago