Charlie-belmer / nosqli
NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
☆372Updated 3 years ago
Alternatives and similar repositories for nosqli:
Users that are interested in nosqli are comparing it to the libraries listed below
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆856Updated 3 years ago
- Client Side Prototype Pollution Scanner☆515Updated 2 years ago
- Fetches javascript file from a list of URLS or subdomains.☆758Updated last year
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆502Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆619Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆704Updated 2 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆466Updated 2 years ago
- Nuclei templates written by us.☆267Updated 3 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆59Updated 10 months ago
- A tool to check a bunch of URLs that contain reflecting params.☆564Updated 7 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆622Updated 3 months ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆610Updated last year
- Content-Type Research☆602Updated last year
- Accept URLs on stdin, replace all query string values with a user-supplied value☆797Updated 2 years ago
- ☆674Updated 2 years ago
- HTTP Request Smuggling Detection Tool☆489Updated last year
- Default signature for Jaeles Scanner☆319Updated 2 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆585Updated last year
- Automated learning of regexes for DNS discovery☆364Updated 2 years ago
- A fuzzer for detecting open redirect vulnerabilities☆729Updated 8 months ago
- Web dashboard for Interactsh client☆205Updated this week
- Unofficial documentation for the great tool Param Miner☆178Updated 2 years ago
- Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.☆265Updated 3 months ago
- HackerOne "in scope" domains☆435Updated this week
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆306Updated 3 months ago
- DOM XSS scanner for Single Page Applications☆402Updated 7 months ago
- ☆536Updated last year
- Burpsuite plugin for Interact.sh☆215Updated 8 months ago
- ☆286Updated 2 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆300Updated 2 years ago