FofaInfo / Awesome-FOFALinks
The FOFA Library collects usage tips, common scenarios, F&Q, and more for FOFA.
☆281Updated 3 weeks ago
Alternatives and similar repositories for Awesome-FOFA
Users that are interested in Awesome-FOFA are comparing it to the libraries listed below
Sorting:
- NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications☆328Updated 3 months ago
- Nuclei AI - Browser Extension for Rapid Nuclei Template Generation☆519Updated 6 months ago
- LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs☆193Updated 2 months ago
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆180Updated 10 months ago
- CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4☆151Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆301Updated last year
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆274Updated last year
- A Linux persistence tool!☆153Updated last year
- Unauthenticated Remote Code Execution – Bricks <= 1.9.6☆168Updated last year
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆387Updated last week
- CVE-2024-23897☆198Updated last year
- Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulat…☆144Updated last month
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …☆320Updated 3 months ago
- The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.☆187Updated 7 months ago
- A collection of useful lists for Penetration Testing & Bug Bounty - Content Discovery, Payloads, Variables, Sandbox Escaping, etc☆103Updated 3 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆362Updated last year
- Fuzz 401/403/404 pages for bypasses☆318Updated 6 months ago
- Automation tool to testing and confirm the xss vulnerability.☆250Updated 2 months ago
- Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.☆304Updated last year
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.☆125Updated 11 months ago
- A suite for hunting suspicious targets, expose domains and phishing discovery☆361Updated 2 weeks ago
- Bypass 403 pages☆115Updated last year
- Fetches JavaScript files quickly and comprehensively.☆124Updated 2 years ago
- SQLMap Command Generator: A web-based tool to easily generate customizable SQLMap commands for testing SQL injection vulnerabilities. Fea…☆68Updated 7 months ago
- A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.☆671Updated last month
- CVE-2023-25157 - GeoServer SQL Injection - PoC☆170Updated last year
- PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017☆113Updated last year
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty☆207Updated 2 months ago
- Payload for bug bounty☆94Updated 11 months ago
- CVE-2024-4367 & CVE-2024-34342 Proof of Concept☆165Updated last year