DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
☆139Sep 14, 2021Updated 4 years ago
Alternatives and similar repositories for raider
Users that are interested in raider are comparing it to the libraries listed below
Sorting:
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- One-stop TLS traffic inspection and manipulation using dynamic instrumentation☆243Aug 26, 2022Updated 3 years ago
- ☆73Nov 22, 2021Updated 4 years ago
- ☆576Jul 12, 2025Updated 7 months ago
- Tools to assess the DNS security of web applications☆127Oct 5, 2022Updated 3 years ago
- Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019☆59Aug 25, 2021Updated 4 years ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆427Feb 20, 2026Updated last week
- A checklist of practices for organizations dealing with account takeover (ATO)☆276Oct 4, 2024Updated last year
- WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…☆156Mar 31, 2024Updated last year
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆93Jun 3, 2021Updated 4 years ago
- A pre-DDoS security assessment tool☆119Jun 11, 2021Updated 4 years ago
- In progress persistent download/upload/execution tool using Windows BITS.☆41Sep 13, 2021Updated 4 years ago
- OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions☆101Jul 20, 2023Updated 2 years ago
- ☆30Jul 29, 2021Updated 4 years ago
- High speed/Low cost CommonCrawl RegExp in Node.js☆256Apr 6, 2024Updated last year
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Aug 6, 2020Updated 5 years ago
- Dependency Combobulator☆95Jan 10, 2024Updated 2 years ago
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules☆187Oct 30, 2021Updated 4 years ago
- Private key usage verification☆431Apr 4, 2025Updated 10 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆446Sep 7, 2022Updated 3 years ago
- Arkhota, a web brute forcer for Android.☆19Feb 15, 2023Updated 3 years ago
- Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features☆198Mar 27, 2025Updated 11 months ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests a…☆350Jun 13, 2021Updated 4 years ago
- Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's API.☆58Sep 2, 2021Updated 4 years ago
- Go scripts for checking API key / access token validity☆221Aug 3, 2021Updated 4 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆776Aug 19, 2024Updated last year
- Just another vulnerable web application.☆36Jul 27, 2024Updated last year
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆142Jun 1, 2023Updated 2 years ago
- all paths lead to clouds☆638Oct 11, 2023Updated 2 years ago
- Swift code to run a dylib on disk☆16May 9, 2022Updated 3 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Nov 29, 2020Updated 5 years ago
- ☆108Oct 14, 2021Updated 4 years ago
- domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once w…☆71Jan 16, 2025Updated last year
- Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb☆148Dec 3, 2020Updated 5 years ago
- It records your screenshots and code, then lets you upload to ASHIRT☆57Feb 11, 2026Updated 2 weeks ago
- Scan publicly accessible assets on your AWS cloud environment☆136Jan 14, 2026Updated last month
- basic proxy as an azure function serverless app☆17Jan 12, 2023Updated 3 years ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago