Messy BurpSuite plugin for SQL Truncation vulnerabilities.
☆63Apr 17, 2020Updated 5 years ago
Alternatives and similar repositories for BurpSQLTruncSanner
Users that are interested in BurpSQLTruncSanner are comparing it to the libraries listed below
Sorting:
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆74Nov 5, 2020Updated 5 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆118Dec 23, 2025Updated 2 months ago
- Reestructured LemonBooster.☆47Jul 26, 2024Updated last year
- ☆31Apr 6, 2021Updated 4 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.☆309Jul 9, 2024Updated last year
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- Extract domains/subdomains/FQDNs from files and URLs☆19Jun 30, 2020Updated 5 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Aug 4, 2020Updated 5 years ago
- ☆11Aug 27, 2020Updated 5 years ago
- Get all possible href | src | url from target url or domain☆40Aug 5, 2020Updated 5 years ago
- Command line tool for testing CRLF injection on a list of domains.☆165Apr 14, 2024Updated last year
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆251Apr 27, 2020Updated 5 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆155Aug 21, 2020Updated 5 years ago
- Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.☆40Nov 21, 2025Updated 3 months ago
- Subvenkon is a subdomain enumerator from Venkon☆22Jun 22, 2020Updated 5 years ago
- A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Ad…☆42Dec 8, 2022Updated 3 years ago
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆15Feb 24, 2022Updated 4 years ago
- ☆16May 3, 2021Updated 4 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Apr 13, 2021Updated 4 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆158Jul 10, 2025Updated 7 months ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Jan 6, 2021Updated 5 years ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing☆91May 10, 2020Updated 5 years ago
- burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz☆63Dec 4, 2018Updated 7 years ago
- ☆38Nov 27, 2020Updated 5 years ago
- Dashboard/API + DNS/HTTP Servers to identify Out of Band Resolution in Payloads☆38Jun 10, 2021Updated 4 years ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- Check for know iframeBuster XSS☆12Sep 25, 2024Updated last year
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆40Oct 13, 2020Updated 5 years ago
- Keep track of changes in website with WEBSY☆35May 22, 2023Updated 2 years ago
- ☆27Mar 18, 2020Updated 5 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration☆78Sep 11, 2020Updated 5 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆87May 6, 2023Updated 2 years ago
- Tool to fuzz for interesting vhost.☆23Jan 8, 2025Updated last year
- This little script for gathering chaos.projectdiscovery.io recon data in an organized way and finding the daily differences on it☆18Aug 9, 2020Updated 5 years ago
- A sub-domain enumeration tool☆20May 18, 2020Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆48Jan 11, 2023Updated 3 years ago