GManOfficial / IDOR-INLinks
The IDOR IN works by systematically scanning a target web application and examining various endpoints, parameters, and data access points to identify potential IDOR vulnerabilities. It leverages techniques such as parameter fuzzing, payload injection, and response analysis to detect signs of insecure direct object references.
☆23Updated 2 years ago
Alternatives and similar repositories for IDOR-IN
Users that are interested in IDOR-IN are comparing it to the libraries listed below
Sorting:
- A tool that automates the search for IDOR vulnerabilities in web apps and APIs☆63Updated 4 years ago
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Updated last year
- Sub-Domain TakeOver Vulnerability Scanner (edoardottt fork)☆74Updated 11 months ago
- List of payloads for BurpSuite intruder. Payloads gathered from Swisskyrepos PayloadsAllTheThings☆34Updated last week
- An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enha…☆14Updated 9 months ago
- Bug Bounty Methodology-slides by Muhammad M. Awali. Pentesting and Researcher Talks.☆31Updated 2 years ago
- Pointer is a Fast Simple Lightweight Tool for Endpoint Discovery.☆14Updated 2 years ago
- ☆26Updated 2 years ago
- Offensive Security MISC Annotations and Payloads for Ethical Hackers / Security Researchers☆29Updated last year
- Python script implementing the favicon hash trick to find subdomains.☆37Updated 2 years ago
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.☆25Updated 2 years ago
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆34Updated 2 years ago
- Methodoloy for pentesting web applications.☆10Updated 3 years ago
- Xss payload for bypassing waf☆18Updated 5 years ago
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl☆52Updated 2 months ago
- A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…☆115Updated last month
- An AIO Tool to check for Vulnerable Amazon S3 Buckets as part of Bug Bounty, the uniqueness of this tool is that it can take a file full …☆44Updated last year
- My personal collection of nuclei templates made for fuzzing.☆29Updated last year
- [BASH] Bounty Meter is a command-line utility tool designed for bug bounty hunters to define their bounty target for a year, maintain and…☆33Updated 2 years ago
- Ultimate Package Of 50 Bug Bounty Hunting Tools☆47Updated 3 months ago
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆34Updated 2 years ago
- Useful Github Dorks for BugBounty -☆68Updated 3 years ago
- Automated tool for domains & Subdomains Gathering☆14Updated last year
- I collected it to help the bug hunter get a reward☆57Updated 3 years ago
- A 1 Liner SQL Injection Attack using SQLMAP and various parameters that helps quickly check for a vulnerabilities during Bug Bounty☆41Updated last year
- HackLiners: CyberSec/BugHunting OneLiners☆62Updated last year
- A powerful Go tool for finding origin IPs of domains by querying multiple security APIs and validating results with built-in HTTP client.☆41Updated last month
- Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi☆44Updated 4 years ago
- Xssor.go is a xss reflections checker for urls☆71Updated 2 years ago
- Python tool to test known techniques to bypass 403 and 401 HTTP responses.☆36Updated 2 years ago