FofaInfo / Awesome-FOFA
The FOFA Library collects usage tips, common scenarios, F&Q, and more for FOFA.
☆263Updated last month
Alternatives and similar repositories for Awesome-FOFA:
Users that are interested in Awesome-FOFA are comparing it to the libraries listed below
- NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications☆321Updated last week
- Nuclei AI - Browser Extension for Rapid Nuclei Template Generation☆496Updated 3 months ago
- CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4☆152Updated last year
- LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs☆163Updated last month
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆370Updated this week
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆175Updated 7 months ago
- Unauthenticated Remote Code Execution – Bricks <= 1.9.6☆162Updated last year
- CVE-2024-4367 & CVE-2024-34342 Proof of Concept☆154Updated 9 months ago
- Fetches JavaScript files quickly and comprehensively.☆113Updated last year
- CVE-2024-23897☆198Updated last year
- A Linux persistence tool!☆152Updated 10 months ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆297Updated last year
- Payload for bug bounty☆93Updated 8 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆267Updated 11 months ago
- CVE-2023-25157 - GeoServer SQL Injection - PoC☆166Updated last year
- ☆100Updated last year
- Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.☆304Updated last year
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …☆311Updated this week
- A rapid HTTP downgrade smuggling scanner written in Go.☆253Updated 10 months ago
- Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulat…☆136Updated 5 months ago
- Automated OSINT on SwaggerHub☆162Updated last year
- Fuzz 401/403/404 pages for bypasses☆300Updated 3 months ago
- ☆158Updated 5 months ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆345Updated 4 months ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty☆204Updated 2 months ago
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆140Updated 2 weeks ago
- CVE-2024-3400-RCE☆87Updated 11 months ago
- SQLMap Command Generator: A web-based tool to easily generate customizable SQLMap commands for testing SQL injection vulnerabilities. Fea…☆62Updated 4 months ago
- Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.☆203Updated last week
- All Nuclei Templates☆68Updated 2 weeks ago