GManOfficial / IDOR-IN
The IDOR IN works by systematically scanning a target web application and examining various endpoints, parameters, and data access points to identify potential IDOR vulnerabilities. It leverages techniques such as parameter fuzzing, payload injection, and response analysis to detect signs of insecure direct object references.
☆13Updated last year
Alternatives and similar repositories for IDOR-IN:
Users that are interested in IDOR-IN are comparing it to the libraries listed below
- A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticat…☆8Updated 10 months ago
- ☆22Updated last year
- This tool will resolve a list of Domains, IPs, Hosts, URLs and save the results for valid/invalid fast!☆15Updated 2 years ago
- Python script implementing the favicon hash trick to find subdomains.☆30Updated 2 years ago
- bash script for automating subdomain enumeration process either passive or active☆27Updated 3 months ago
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications☆14Updated 11 months ago
- NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Fire…☆14Updated 2 months ago
- MetaX - Advanced XSS Vulnerability Detector☆14Updated 7 months ago
- The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.☆13Updated 11 months ago
- ☆12Updated last year
- An Vulnerability detection and Exploitation tool for CVE-2024-7339☆18Updated 7 months ago
- A Chrome extension that spices up those #togetherwehitharder tweets.☆9Updated 7 years ago
- Exotic and uncommon XSS Vectors to hit the target as quickly as possible.☆18Updated 4 years ago
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Updated 5 months ago
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)☆18Updated last year
- Recon (Whois)☆15Updated last year
- Xss payload for bypassing waf☆15Updated 4 years ago
- Automated tool for domains & Subdomains Gathering☆13Updated last year
- Highly customizable low-interaction experimental honeypot that mimics specific hosts.☆33Updated 3 weeks ago
- ☆19Updated 2 months ago
- A bash script that automates the process of service discovery on specified target hosts. The aim of the scripts is reducing scan time, in…☆13Updated 3 months ago
- Changes the output of Wappalyzer into something human readable. It also provides links to useful websites and a Google query for finding…☆9Updated 2 years ago
- A simple utility to fetch freshly updated DNS resolvers☆18Updated last year
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆26Updated last year
- Bxss Sniper: A web application penetration testing tool for Blind XSS detection☆19Updated last year
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Updated 9 months ago
- Smart and efficient tool to automate open redirect detection at scale.☆8Updated 3 years ago
- SWS-Recon is a Python Tool designed to performed Reconnaissance on the given target website- Domain or SubDomain. SWS-Recon collects info…☆21Updated 2 years ago
- Several scripts are based on the Netlas.io search engine. They will allow you to carry out the reconnaissance phase before the pen test i…☆39Updated 2 months ago
- A Python tool for exploiting Django RCE via deserialization vulnerabilities in session cookies, allowing remote code execution through fo…☆13Updated 5 months ago