Ebryx / GitDump
A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
☆221 Updated 3 years ago
Alternatives and similar repositories for GitDump:
Users that are interested in GitDump are comparing it to the libraries listed below
- List DTDs and generate XXE payloads using those local DTDs. ☆621 Updated last year
- Python tool to find potential SSRF parameters ☆315 Updated last month
- Common Web Managers Fuzz Wordlists ☆174 Updated 3 weeks ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids) ☆597 Updated last year
- Hidden parameters discovery suite ☆223 Updated 2 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator. ☆266 Updated 2 months ago
- HTTP file upload scanner for Burp Proxy ☆403 Updated last year
- Combined port scanning w/ Masscan's speed & Nmap's scanning features. ☆148 Updated 2 years ago
- Nuclei templates written by us. ☆267 Updated 3 years ago
- This Burp Suite plugin allows multiple web app testers to share their proxy history with each other in real time. Requests that come … ☆256 Updated 2 years ago
- A tool which scrapes public GitHub repositories for common naming conventions in variables, folders and files ☆288 Updated 9 months ago
- A Python-based blind SQL injection exploitation script ☆136 Updated 5 years ago
- Tool to help exploit XXE vulnerabilities ☆555 Updated 2 years ago
- A blind XSS detection and XSS data capture framework ☆169 Updated last month
- Several lists of simple and obfuscated PHP shells ☆169 Updated 2 years ago
- ☆287 Updated 2 years ago
- A script that you can run in the background! ☆174 Updated 5 years ago
- An automated target reconnaissance pipeline. ☆429 Updated 2 years ago
- This lab contains sample code that is vulnerable to Server-Side Request Forgery attacks ☆706 Updated last year
- A scanner/exploitation tool written in Go, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets. ☆503 Updated 2 years ago
- This tool lets you know how strong your disable_functions is and how you can bypass it. ☆125 Updated 5 years ago
- Automated web assets enumeration & scanning [DEPRECATED] ☆288 Updated 2 years ago
- Toolkit to detect and keep track of Blind XSS, XXE & SSRF ☆295 Updated 5 years ago
- Tool to bypass disable_functions and open_basedir ☆414 Updated last year
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite ☆725 Updated 3 years ago
- Turbo Intruder Scripts ☆222 Updated 4 years ago
- NodeJS Red-Team Cheat Sheet ☆207 Updated 5 years ago
- This repository contains wordlists for each version of common web applications and content management systems (CMS). Each version contai… ☆515 Updated 3 months ago
- Customisable and automated HTTP header injection ☆244 Updated 9 months ago
- DirDar is a tool that searches for (403-Forbidden) directories to break them and get a directory listing on them ☆449 Updated last year