OWASP / raider
OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
☆104Updated last year
Related projects ⓘ
Alternatives and complementary repositories for raider
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Run Capture the Flags and Security Trainings with OWASP WrongSecrets☆43Updated this week
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)☆41Updated last year
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆118Updated 6 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆165Updated 5 months ago
- ☆146Updated last year
- Target practice for ffuf☆58Updated 3 years ago
- Sample Obsidian's vault for web pentesting☆90Updated 3 months ago
- Prototype pollution scanner using headless chrome☆197Updated 2 years ago
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆126Updated 2 years ago
- A GraphQL enumeration and extraction tool☆128Updated last year
- ☆70Updated last year
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆117Updated 2 years ago
- Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.☆124Updated last year
- HTTP parameter discovery suite.☆59Updated 4 years ago
- Intentionaly very vulnerable API with bonus bad coding practices☆38Updated 9 months ago
- This repo contains the code for my secure code review challenges☆68Updated last month
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆97Updated 9 months ago
- ☆31Updated 4 months ago
- Repository with some necessary information for you to create your PenTest consultancy☆92Updated 2 years ago
- Find the remote website version based on a git repository☆124Updated 3 years ago
- Archive of Potential Insider Threats☆136Updated last year
- Execute Trickest workflows right from your terminal☆81Updated 2 weeks ago
- Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud☆50Updated 2 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆39Updated 2 years ago
- 🔭 Collection of regexp pattern for security passive scanning☆114Updated last year
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆54Updated last year
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆170Updated 10 months ago