MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
☆82Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for metasecjs
Users that are interested in metasecjs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- ☆35Oct 28, 2021Updated 4 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.☆22May 9, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- A bash script that fetches and maintains thousands of DNS resolvers☆65Aug 24, 2020Updated 5 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Burp Suite extension to discover assets from HTTP response.☆233Jan 22, 2025Updated last year
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆557Mar 6, 2023Updated 3 years ago
- Reverse engineers GQL Schema and generates template payloads☆46Apr 5, 2019Updated 6 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆238May 4, 2022Updated 3 years ago
- Print out URL schemas from an Android app☆128Feb 9, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- ☆53Dec 3, 2025Updated 3 months ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 6 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆146Apr 9, 2021Updated 4 years ago
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆294Nov 30, 2019Updated 6 years ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 10 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- A highly configurable Framework for easy automated web scanning☆382Jul 13, 2020Updated 5 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆363Mar 6, 2025Updated last year
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,052Jan 3, 2025Updated last year
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆21Jan 13, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Node Cellar fork from https://github.com/ccoenraets/nodecellar with some security fixes☆14Jun 12, 2015Updated 10 years ago
- Graphql introspection query analyzer.☆18Mar 28, 2023Updated 2 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆201Feb 9, 2024Updated 2 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆458Oct 3, 2023Updated 2 years ago
- Automated blind-xss search for Burp Suite☆285Oct 10, 2019Updated 6 years ago