CompassSecurity / SAMLRaider

Related projects: ⓘ

• vmware / burp-rest-api
  REST/JSON API to the Burp Suite security tool.
  ☆546Updated 3 months ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆198Updated 3 months ago
• RUB-NDS / WS-Attacker
  WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …
  ☆469Updated 2 years ago
• RUB-NDS / BurpSSOExtension
  An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
  ☆116Updated 3 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆222Updated 3 months ago
• floyd-fuh / crass
  Code Review Audit Script Scanner
  ☆140Updated last year
• VirtueSecurity / aws-extender
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆240Updated 2 years ago
• erwanlr / Fingerprinter
  CMS/LMS/Library etc Versions Fingerprinter
  ☆255Updated 3 years ago
• NetSPI / JavaSerialKiller
  Burp extension to perform Java Deserialization Attacks
  ☆208Updated 7 months ago
• nccgroup / freddy
  Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
  ☆572Updated 3 years ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆344Updated 3 years ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆279Updated 2 months ago
• veracode-research / solr-injection
  Apache Solr Injection Research
  ☆569Updated 4 years ago
• aress31 / openapi-parser
  Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …
  ☆191Updated 8 months ago
• Fuzzapi / fuzzapi
  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
  ☆630Updated 3 years ago
• riramar / hsecscan
  A security scanner for HTTP response headers.
  ☆290Updated last year
• ettic-team / dnsbin
  The request.bin of DNS request
  ☆228Updated 6 years ago
• johndekroon / serializekiller
  Mass scanner for the Java serialize bug
  ☆148Updated 5 years ago
• jobertabma / ground-control
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆528Updated 7 years ago
• ONsec-Lab / scripts
  Utils
  ☆264Updated 8 years ago
• ozzi- / JWT4B
  JWT Support for Burp
  ☆241Updated last month
• bcoles / ssrf_proxy
  SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
  ☆442Updated 6 years ago
• mbechler / serianalyzer
  A static byte code analyzer for Java deserialization gadget research
  ☆242Updated 7 years ago
• maK- / scantastic-tool
  It's bloody scantastic
  ☆232Updated 2 years ago
• h3xstream / http-script-generator
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆287Updated last year
• SecurityRAT / SecurityRAT
  OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
  ☆173Updated last month
• NickstaDB / DeserLab
  Java deserialization exploitation lab.
  ☆234Updated 5 years ago
• foxglovesec / JavaUnserializeExploits
  ☆492Updated 8 years ago
• denimgroup / threadfix
  ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…
  ☆339Updated last year
• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆631Updated 5 years ago