MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
☆82Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for metasecjs
Users that are interested in metasecjs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- ☆35Oct 28, 2021Updated 4 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.☆22May 9, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- A bash script that fetches and maintains thousands of DNS resolvers☆64Aug 24, 2020Updated 5 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Burp Suite extension to discover assets from HTTP response.☆232Jan 22, 2025Updated last year
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆556Mar 6, 2023Updated 3 years ago
- Reverse engineers GQL Schema and generates template payloads☆46Apr 5, 2019Updated 7 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆239May 4, 2022Updated 4 years ago
- Print out URL schemas from an Android app☆129Feb 9, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- ☆54Dec 3, 2025Updated 5 months ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 7 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆146Apr 9, 2021Updated 5 years ago
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆294Nov 30, 2019Updated 6 years ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- Continuous monitoring for JavaScript files☆221Dec 29, 2019Updated 6 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- An extension to use Semgrep inside Burp Suite.☆89May 23, 2025Updated 11 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆642Jul 7, 2025Updated 9 months ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- A highly configurable Framework for easy automated web scanning☆383Jul 13, 2020Updated 5 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆364Mar 6, 2025Updated last year
- A simple SSRF-testing sheriff written in Go☆337Oct 31, 2024Updated last year
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,064Jan 3, 2025Updated last year
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆26Jan 13, 2025Updated last year
- Graphql introspection query analyzer.☆18Mar 28, 2023Updated 3 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆201Apr 15, 2026Updated 2 weeks ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆464Oct 3, 2023Updated 2 years ago
- Automated blind-xss search for Burp Suite☆284Oct 10, 2019Updated 6 years ago