Fuzzapi / API-fuzzerLinks
API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
☆395Updated 7 years ago
Alternatives and similar repositories for API-fuzzer
Users that are interested in API-fuzzer are comparing it to the libraries listed below
Sorting:
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆657Updated 4 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆420Updated last week
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆454Updated 6 years ago
- Finds unknown classes of injection vulnerabilities☆684Updated last month
- Advanced Burp Suite Logging Extension☆666Updated last year
- ☆325Updated 7 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆353Updated 4 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆545Updated 7 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,083Updated 5 months ago
- Automated HTTP Request Repeating With Burp Suite☆871Updated 3 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆291Updated 2 years ago
- A mini webserver with FTP support for XXE payloads☆331Updated last year
- SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.☆462Updated 7 years ago
- SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...☆232Updated 5 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆723Updated 6 years ago
- AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.☆629Updated last year
- HTTP file upload scanner for Burp Proxy☆407Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆327Updated 7 months ago
- A small tool that extracts relative URLs from a file.☆747Updated 4 years ago
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆362Updated 2 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆258Updated 3 years ago
- A simple CORS misconfiguration scanner☆418Updated 4 years ago
- This tool downloads, installs, and configures a shiny new copy of Chromium.☆455Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆287Updated 4 months ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆315Updated 2 years ago
- SSRF testing tool☆244Updated 2 years ago
- Repository for hosting my research papers☆509Updated last year
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆633Updated 6 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆259Updated 3 years ago