InitRoot / BurpJSLinkFinderLinks
Burp Extension for a passive scanning JS files for endpoint links.
☆784Updated last year
Alternatives and similar repositories for BurpJSLinkFinder
Users that are interested in BurpJSLinkFinder are comparing it to the libraries listed below
Sorting:
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆586Updated 4 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆748Updated 4 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆617Updated last year
- Nuclei plugin for BurpSuite☆1,255Updated 8 months ago
- HackerOne "in scope" domains☆446Updated this week
- Automated HTTP Request Repeating With Burp Suite☆871Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆872Updated 3 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆629Updated last year
- Because just a dark theme wasn't enough!☆563Updated 5 months ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆250Updated 6 months ago
- Blind WAF identification tool☆678Updated 11 months ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆519Updated 4 years ago
- HTTP file upload scanner for Burp Proxy☆487Updated last year
- ☆405Updated 3 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆599Updated 4 years ago
- Another way to bypass WAF Cheat Sheet (draft)☆424Updated 6 years ago
- Burp plugin able to find reflected XSS on page in real-time while browsing on site☆1,157Updated 4 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆391Updated 2 years ago
- Advanced Burp Suite Logging Extension☆666Updated last year
- XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具☆263Updated 4 years ago
- Here you can find mostly all disclosed h1 reports☆349Updated 3 years ago
- ☆471Updated last year
- A cheatsheet for exploiting server-side SVG processors.☆734Updated 4 years ago
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆273Updated 4 months ago
- Small Tool written based on chaos from projectdiscovery.io☆172Updated 7 months ago
- Fetches javascript file from a list of URLS or subdomains.☆775Updated 2 years ago
- MySQL fake server for read files of connected clients☆599Updated 7 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆172Updated 5 years ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆371Updated last month
- A tiny project for generating SnakeYAML deserialization payloads☆593Updated 6 years ago