MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
☆82Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for metasecjs
Users that are interested in metasecjs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- ☆35Oct 28, 2021Updated 4 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.☆22May 9, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- Burp Suite extension to discover assets from HTTP response.☆234Jan 22, 2025Updated last year
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆558Mar 6, 2023Updated 3 years ago
- A bash script that fetches and maintains thousands of DNS resolvers☆64Aug 24, 2020Updated 5 years ago
- Reverse engineers GQL Schema and generates template payloads☆46Apr 5, 2019Updated 7 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆240May 4, 2022Updated 4 years ago
- Print out URL schemas from an Android app☆132Feb 9, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- ☆54Dec 3, 2025Updated 6 months ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 7 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆146Apr 9, 2021Updated 5 years ago
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆291Nov 30, 2019Updated 6 years ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- Continuous monitoring for JavaScript files☆223Dec 29, 2019Updated 6 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆645Jul 7, 2025Updated 11 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- An extension to use Semgrep inside Burp Suite.☆90May 23, 2025Updated last year
- A highly configurable Framework for easy automated web scanning☆384Jul 13, 2020Updated 5 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆362Mar 6, 2025Updated last year
- A simple SSRF-testing sheriff written in Go☆338Oct 31, 2024Updated last year
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,073Jan 3, 2025Updated last year
- Repo of useful scripts☆103Jun 30, 2020Updated 5 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆28Jan 13, 2025Updated last year
- Graphql introspection query analyzer.☆18Mar 28, 2023Updated 3 years ago
- a tool that compiles a csv of all h1 program stats☆50Jul 2, 2023Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆202Apr 15, 2026Updated 2 months ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 7 years ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆474Oct 3, 2023Updated 2 years ago
- Automated blind-xss search for Burp Suite☆284Oct 10, 2019Updated 6 years ago