PalindromeLabs / awesome-websocket-security

Related projects ⓘ

Alternatives and complementary repositories for awesome-websocket-security

• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆533Updated 11 months ago
• hakluke / bug-bounty-standards
  A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way t…
  ☆227Updated 2 years ago
• optiv / mobile-nuclei-templates
  ☆393Updated 3 years ago
• PalindromeLabs / STEWS
  A Security Tool for Enumerating WebSockets
  ☆334Updated 2 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆185Updated 3 months ago
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆329Updated last year
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆173Updated 2 years ago
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆252Updated 4 months ago
• trufflesecurity / of-CORS
  ☆146Updated last year
• daffainfo / all-about-apikey
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆260Updated last year
• Karmaz95 / crimson
  Web Application Security Testing Tools
  ☆234Updated 8 months ago
• pdelteil / BugBountyReportTemplates
  List of reporting templates I have used since I started doing BBH.
  ☆235Updated 2 months ago
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆232Updated 2 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆197Updated 2 years ago
• edoardottt / missing-cve-nuclei-templates
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆338Updated this week
• daffainfo / match-replace-burp
  Useful "Match and Replace" burpsuite rules
  ☆338Updated last year
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆295Updated this week
• carlospolop / fuzzhttpbypass
  This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
  ☆229Updated 3 months ago
• trufflesecurity / xsshunter
  ☆358Updated 6 months ago
• ngalongc / AuthzAI
  ☆143Updated last month
• hahwul / authz0
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆392Updated 3 weeks ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆404Updated 4 months ago
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆306Updated 7 months ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆178Updated 2 years ago
• bugcrowd / templates
  Repository to house markdown templates for researchers
  ☆192Updated 3 weeks ago
• nxenon / grpc-pentest-suite
  gRPC-Web Pentesting Suite + Burp Suite Extension
  ☆166Updated 4 months ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 3 weeks ago
• bebiksior / EvenBetter
  EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎
  ☆134Updated 2 weeks ago
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆242Updated this week
• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆195Updated 3 weeks ago