NotSoSecure / cloud-service-enum

Related projects ⓘ

Alternatives and complementary repositories for cloud-service-enum

• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated 2 years ago
• prodigysml / Dr.-Watson
  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…
  ☆214Updated 5 years ago
• deletehead / awae_oswe_prep
  Stuff done in preparation for AWAE course and OSWE certification
  ☆151Updated 4 years ago
• RhinoSecurityLabs / GCPBucketBrute
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆482Updated last year
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆262Updated last year
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆133Updated 4 years ago
• daeken / SSRFTest
  SSRF testing tool
  ☆241Updated last year
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆315Updated last week
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆124Updated 4 years ago
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆235Updated 4 years ago
• tomdev / teh_s3_bucketeers
  ☆272Updated 3 years ago
• ffuf / ffuf-scripts
  Scripts to help with different ffuf tasks and workflows
  ☆213Updated 10 months ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆195Updated 3 years ago
• cablej / FileChangeMonitor
  Continuous monitoring for JavaScript files
  ☆218Updated 4 years ago
• m6a-UdS / dvca
  Damn Vulnerable Cloud Application
  ☆184Updated 6 years ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆280Updated 3 months ago
• defparam / tiscripts
  Turbo Intruder Scripts
  ☆215Updated 4 years ago
• epi052 / recon-pipeline
  An automated target reconnaissance pipeline.
  ☆427Updated last year
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆293Updated 4 years ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆149Updated last year
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆191Updated 3 years ago
• putsi / privatecollaborator
  A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
  ☆204Updated 4 months ago
• root4loot / rescope
  Bugbounty scope tool
  ☆317Updated last month
• smaranchand / bucky
  Bucky (An automatic S3 bucket discovery tool)
  ☆190Updated 2 years ago
• JuxhinDB / OOB-Server
  A Bind9 server for pentesters to use for Out-of-Band vulnerabilities
  ☆184Updated 5 years ago
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆205Updated 4 years ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 10 months ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆296Updated last year
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆168Updated 2 years ago