a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.
☆30Oct 21, 2025Updated 5 months ago
Alternatives and similar repositories for agartha
Users that are interested in agartha are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Copy as FFUF Command for Burp Suite☆10Jun 12, 2024Updated last year
- This extension provides a way to discover NoSQL injection vulnerabilities.☆10Feb 1, 2021Updated 5 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- 资产测绘输出xlsx表格☆14Sep 10, 2024Updated last year
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆50Jan 26, 2026Updated 2 months ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆14Feb 10, 2022Updated 4 years ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆23Nov 26, 2024Updated last year
- Small tool to scan On-Premises Exchange servers, useful for analytical purposes and patch management☆20Aug 28, 2022Updated 3 years ago
- Get all NetNTLM Hashes via Different zero-click Methodologies from LLMNR Poisoning☆18Mar 16, 2022Updated 4 years ago
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- I was searching for such resource to work as cheat sheet series and guide me through different attack scenarios for API attacks, didn’t f…☆15May 5, 2025Updated 11 months ago
- burp suite插件☆13Jul 9, 2023Updated 2 years ago
- A steganography based shellcode hider to bypass AV☆17Aug 7, 2022Updated 3 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Fuzz WebSockets with custom Python code☆20Aug 21, 2024Updated last year
- Scripts that automate portions of pentests.☆58Mar 18, 2026Updated 3 weeks ago
- CSRF Scanner Extension for Burp Suite Pro☆20Feb 4, 2022Updated 4 years ago
- A tool to generate OpenXML XXE Payloads written in Python3.☆16Aug 21, 2019Updated 6 years ago
- A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.☆25Mar 11, 2024Updated 2 years ago
- 使用java编写的CRLF-Injection-burp被动扫描插件☆45Dec 20, 2022Updated 3 years ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆84Jul 20, 2023Updated 2 years ago
- ☆16Mar 11, 2024Updated 2 years ago
- ☆43Mar 13, 2023Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆26Dec 13, 2024Updated last year
- 单页mysql注入环境自带数据仅需填账号密码无需其他复杂配置开箱即用。 自定义过滤/拦截规则进行bypass等测试,支持报错/联合/延时/布尔/时间/堆叠 的数值或字符注入☆16Dec 2, 2022Updated 3 years ago
- Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables us…☆120Feb 23, 2025Updated last year
- The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.☆11Apr 6, 2020Updated 6 years ago
- 红队自动化打点神器!!! ARL使用代理池联动nuclei,xray并通过企业微信机器人告警。☆26Sep 29, 2024Updated last year
- Bambdas collection for Burp Suite Professional and Community.☆512Mar 12, 2026Updated last month
- This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities …☆26Apr 30, 2025Updated 11 months ago
- Burp Suite Extension for inserting a magic byte into responder's request☆24Sep 22, 2023Updated 2 years ago
- ☆28Jan 9, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆17Jun 7, 2024Updated last year
- A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decry…☆46Apr 30, 2025Updated 11 months ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Jun 28, 2018Updated 7 years ago
- 🕸️ A curated list of dark web (.onion) links — for educational and research purposes only. You can buy and read the Dark Web book based…☆39Sep 21, 2025Updated 6 months ago
- A simple script that edits the XML of a macro-enabled Word document (.docm or Word 97 document) to add a reference to a remote stylesheet…☆12Oct 5, 2022Updated 3 years ago
- 使用 Java 实现的将 Burp 流量异步转发到 Xray 的 Burp 插件,内含多种功能☆16Jun 11, 2023Updated 2 years ago
- Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]☆29Jan 6, 2021Updated 5 years ago