NotSoSecure / cloud-service-enum
☆231Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for cloud-service-enum
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated 2 years ago
- Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…☆214Updated 5 years ago
- Stuff done in preparation for AWAE course and OSWE certification☆151Updated 4 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆482Updated last year
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆262Updated last year
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆133Updated 4 years ago
- SSRF testing tool☆241Updated last year
- A simple SSRF-testing sheriff written in Go☆315Updated last week
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆124Updated 4 years ago
- Various Payload wordlists☆235Updated 4 years ago
- ☆272Updated 3 years ago
- Scripts to help with different ffuf tasks and workflows☆213Updated 10 months ago
- Burp Suite Extension to monitor new scope☆195Updated 3 years ago
- Continuous monitoring for JavaScript files☆218Updated 4 years ago
- Damn Vulnerable Cloud Application☆184Updated 6 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆280Updated 3 months ago
- Turbo Intruder Scripts☆215Updated 4 years ago
- An automated target reconnaissance pipeline.☆427Updated last year
- Automatic tool for DNS rebinding-based SSRF attacks☆293Updated 4 years ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆149Updated last year
- You can read the writeup on this script here☆191Updated 3 years ago
- A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate☆204Updated 4 months ago
- Bugbounty scope tool☆317Updated last month
- Bucky (An automatic S3 bucket discovery tool)☆190Updated 2 years ago
- A Bind9 server for pentesters to use for Out-of-Band vulnerabilities☆184Updated 5 years ago
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…☆205Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆98Updated 10 months ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆296Updated last year
- A tool geared towards pentesting APIs using OpenAPI definitions.☆168Updated 2 years ago