Charlie-belmer / nosqli

Related projects: ⓘ

• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆772Updated 2 years ago
• kleiton0x00 / ppmap
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆488Updated 2 years ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆507Updated 2 years ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆601Updated 6 months ago
• lc / subjs
  Fetches javascript file from a list of URLS or subdomains.
  ☆735Updated last year
• neex / http2smugl
  ☆527Updated 9 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆350Updated last year
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆445Updated 2 years ago
• anshumanpattnaik / http-request-smuggling
  HTTP Request Smuggling Detection Tool
  ☆464Updated 8 months ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆502Updated 7 months ago
• BishopFox / h2csmuggler
  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
  ☆637Updated 2 years ago
• honoki / bbrf-client
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆608Updated 5 months ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆287Updated last year
• jaeles-project / jaeles-signatures
  Default signature for Jaeles Scanner
  ☆319Updated 2 years ago
• filedescriptor / untrusted-types
  ☆647Updated 2 years ago
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆394Updated 2 months ago
• glebarez / cero
  Scrape domain names from SSL certificates of arbitrary hosts
  ☆596Updated 5 months ago
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆305Updated 2 years ago
• KathanP19 / Gxss
  A tool to check a bunch of URLs that contain reflecting params.
  ☆526Updated last month
• geeknik / the-nuclei-templates
  Nuclei templates written by us.
  ☆263Updated 3 years ago
• xm1k3 / cent
  Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
  ☆853Updated 3 months ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆258Updated last year
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆523Updated 9 months ago
• projectdiscovery / fuzzing-templates
  Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
  ☆39Updated 4 months ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• dwisiswant0 / ppfuzz
  A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
  ☆568Updated last year
• bp0lr / gauplus
  ☆282Updated 2 years ago
• knassar702 / lorsrf
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆287Updated last year
• tomnomnom / qsreplace
  Accept URLs on stdin, replace all query string values with a user-supplied value
  ☆745Updated last year
• PalindromeLabs / STEWS
  A Security Tool for Enumerating WebSockets
  ☆320Updated 2 years ago