FOGSEC / WAScan

Related projects: ⓘ

• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆41Updated last year
• jpiechowka / shodan-parser
  Python script to parse JSON data exported from SHODAN nad create IP:PORT list to use with other tools
  ☆24Updated 6 years ago
• luisfontes19 / CSRFER
  Tool to generate csrf payloads based on vulnerable requests
  ☆61Updated 3 years ago
• InitRoot / BurpSQLTruncSanner
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆61Updated 4 years ago
• Anon-Exploiter / BOF
  Some Buffer Overflow Automation Scripts I'll be using between PWK labs and Exam!
  ☆18Updated 3 years ago
• viperbluff / Firebase-Extractor
  A tool written in python for scraping firebase data
  ☆42Updated 4 years ago
• Anon-Exploiter / subdomainsEnumerator
  A docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.
  ☆71Updated 2 months ago
• cujanovic / Virtual-host-wordlist
  Virtual host wordlist
  ☆50Updated 3 years ago
• pikpikcu / nuubi
  Nuubi Tools (Information-ghatering|Scanner|Recon.)
  ☆86Updated 4 years ago
• askDing / burpsuite_payloads
  ☆34Updated this week
• ankitk323 / ImgRce
  Image Tragick Exploit Tool Using Burp Collaborator
  ☆35Updated 3 months ago
• luke-goddard / LFI-Fuzzer-Burp-Suite
  Local File Inclusion Burp-Suite Intruder Payload Generator Plugin
  ☆39Updated 3 years ago
• dsopas / XSS-oneliner-payload
  Compilation of JavaScript XSS oneliners payloads that rocks your nuts!
  ☆24Updated 7 years ago
• nycto-hackerone / nycto-dork
  dork scanner with Sqli and Lfi testing
  ☆29Updated 6 years ago
• TROUBLE-1 / codeza
  This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.
  ☆37Updated 2 years ago
• B3nac / bXSSRequest
  Literally spray blind xss payloads everywhere.
  ☆25Updated 2 years ago
• inj3ctor-m4 / WebHackingNotes
  RECON Notes taking from every fucking book about bugbounty and web-app penetration testing exists
  ☆20Updated 4 years ago
• rohitcoder / SubR3con
  SubR3con is a script written in python. It uses Sublist3r to enumerate all subdomains of a specific target and then it checks for status …
  ☆18Updated 5 years ago
• nikhil1232 / Bucket-Flaws
  Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
  ☆55Updated 4 years ago
• Emoe / OpenBugBounty-Scrapper
  This script scrapes the list of open Bug Bounty Programs from openbugbounty.org
  ☆25Updated 2 years ago
• rojan-rijal / LeakFinder
  https://sites.google.com/securifyinc.com/secblogs/finding-leaked-sensitive-data
  ☆17Updated 6 years ago
• BitTheByte / Domainker
  BugBounty Tool
  ☆39Updated 5 years ago
• stevemcilwain / secrets
  Offsec Pentest and Bug Bounty Notes
  ☆24Updated 4 years ago
• chopicalqui / TurboDataMiner
  The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of informatio…
  ☆54Updated last year
• roottusk / xforwardy
  Host Header Injection Scanner
  ☆44Updated 3 years ago
• si9int / Subra
  A Web-UI for subdomain enumeration (subfinder)
  ☆53Updated 4 years ago
• yasserjanah / CVE-2020-5902
  exploit code for F5-Big-IP (CVE-2020-5902)
  ☆43Updated last year
• netscylla / JWT_Hacking
  Collection of scripts that aid in penetration testing of JSON Web Tokens
  ☆58Updated 5 years ago
• PortSwigger / bypass-waf
  Add headers to all Burp requests to bypass some WAF products
  ☆37Updated 9 months ago
• unstabl3 / recce
  Domain availbility checker
  ☆38Updated 3 years ago