PortSwigger / active-scan-plus-plus

Related projects: ⓘ

• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆601Updated 6 months ago
• PortSwigger / autorize
  Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…
  ☆210Updated this week
• pyn3rd / Spring-Boot-Vulnerability
  ☆395Updated 2 years ago
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆197Updated 2 months ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆772Updated 2 years ago
• synacktiv / HopLa
  HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
  ☆701Updated 3 years ago
• geeknik / the-nuclei-templates
  Nuclei templates written by us.
  ☆264Updated 3 years ago
• httpvoid / CVE-Reverse
  ☆277Updated 2 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated last year
• Walidhossain010 / WAF-bypass-XSS-payloads
  ☆354Updated this week
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆502Updated 7 months ago
• hackvertor / hackvertor
  ☆159Updated last month
• PortSwigger / logger-plus-plus
  Burp Suite Logger++: Log activities of all the tools in Burp Suite
  ☆161Updated 3 months ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆177Updated 3 months ago
• PortSwigger / js-link-finder
  Burp Extension for a passive scanning JS files for endpoint links.
  ☆159Updated 5 years ago
• ethicalhackingplayground / ssrf-king
  SSRF plugin for burp Automates SSRF Detection in all of the Request
  ☆548Updated 3 years ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
  ☆247Updated 2 years ago
• bp0lr / gauplus
  ☆282Updated 2 years ago
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆581Updated 3 years ago
• ARPSyndicate / kenzer-templates
  essential templates for kenzer [DEPRECATED]
  ☆106Updated last year
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆258Updated last year
• ARPSyndicate / kenzer
  automated web assets enumeration & scanning [DEPRECATED]
  ☆285Updated last year
• Damian89 / extended-ssrf-search
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆275Updated 3 years ago
• capt-meelo / MassMap
  Combined port scanning w/ Masscan's speed & Nmap's scanning features.
  ☆148Updated 2 years ago
• intrudir / 403fuzzer
  ☆173Updated this week
• ARPSyndicate / bug-bounty-domains
  Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]
  ☆212Updated 3 weeks ago
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆162Updated 3 years ago
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆351Updated 2 years ago
• Impact-I / x8-Burp
  Hidden parameters discovery suite
  ☆220Updated last year