MuhammadKhizerJaved / Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
☆300Updated 9 months ago
Alternatives and similar repositories for Insecure-Firebase-Exploit:
Users that are interested in Insecure-Firebase-Exploit are comparing it to the libraries listed below
- ☆402Updated 3 years ago
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆352Updated 4 years ago
- Turbo Intruder Scripts☆222Updated 4 years ago
- Unofficial documentation for the great tool Param Miner☆178Updated 2 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆237Updated 3 years ago
- Secret and/or credential patterns used for gf.☆240Updated 2 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆307Updated 4 months ago
- List of reporting templates I have used since I started doing BBH.☆286Updated 6 months ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆220Updated 2 years ago
- ☆287Updated 2 years ago
- Js File Scanner☆167Updated 3 years ago
- Automating XSS using Bash☆353Updated last year
- Burp Extension for easily creating Wordlists☆211Updated 3 years ago
- A fast and minimal JS endpoint extractor☆342Updated 4 months ago
- A fuzzer for detecting open redirect vulnerabilities☆731Updated 8 months ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆176Updated 4 years ago
- Just some public notes that can be useful and i want let the world knows.☆86Updated 4 years ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆496Updated 2 weeks ago
- A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF☆165Updated 4 years ago
- Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.☆286Updated last week
- IIS shortname scanner written in Go☆324Updated last year
- Burpsuite plugin for Interact.sh☆216Updated 8 months ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆503Updated 2 years ago
- Hidden parameters discovery suite☆223Updated 2 years ago
- Customisable and automated HTTP header injection☆243Updated 8 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆623Updated 4 months ago
- Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools☆272Updated 8 months ago
- ☆151Updated 2 years ago
- A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate☆208Updated 8 months ago
- A tool for exploring Firebase datastores.☆216Updated 2 years ago