MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
☆82Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for metasecjs
Users that are interested in metasecjs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- ☆35Oct 28, 2021Updated 4 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.☆22May 9, 2023Updated 2 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- A bash script that fetches and maintains thousands of DNS resolvers☆65Aug 24, 2020Updated 5 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Burp Suite extension to discover assets from HTTP response.☆233Jan 22, 2025Updated last year
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆557Mar 6, 2023Updated 3 years ago
- Reverse engineers GQL Schema and generates template payloads☆46Apr 5, 2019Updated 7 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆237May 4, 2022Updated 3 years ago
- Print out URL schemas from an Android app☆128Feb 9, 2025Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- ☆54Dec 3, 2025Updated 4 months ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 6 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆146Apr 9, 2021Updated 5 years ago
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆293Nov 30, 2019Updated 6 years ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- Continuous monitoring for JavaScript files☆221Dec 29, 2019Updated 6 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 10 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆640Jul 7, 2025Updated 9 months ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- A highly configurable Framework for easy automated web scanning☆382Jul 13, 2020Updated 5 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆364Mar 6, 2025Updated last year
- A simple SSRF-testing sheriff written in Go☆337Oct 31, 2024Updated last year
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,058Jan 3, 2025Updated last year
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆26Jan 13, 2025Updated last year
- Node Cellar fork from https://github.com/ccoenraets/nodecellar with some security fixes☆14Jun 12, 2015Updated 10 years ago
- Graphql introspection query analyzer.☆18Mar 28, 2023Updated 3 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆201Feb 9, 2024Updated 2 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆460Oct 3, 2023Updated 2 years ago