PortSwigger / agarthaLinks
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.
☆27Updated last week
Alternatives and similar repositories for agartha
Users that are interested in agartha are comparing it to the libraries listed below
Sorting:
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆61Updated 2 years ago
- Burp Suite's extension to scan and crawl Single Page Applications☆105Updated 2 years ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆22Updated 10 months ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆56Updated 2 years ago
- CVE Collection of jQuery UI XSS Payloads☆118Updated 2 years ago
- Spring4Shell Burp Scanner☆72Updated 3 years ago
- phpMyAdmin XSS☆114Updated 11 months ago
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆49Updated 11 months ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆81Updated last year
- Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules☆104Updated 11 months ago
- GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab…☆141Updated 2 years ago
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆53Updated 2 years ago
- ☆62Updated 3 years ago
- ☆89Updated last year
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆90Updated last year
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆77Updated last year
- BChecks collection for Burp Suite Professional☆101Updated last year
- Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it …☆60Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆119Updated 2 years ago
- CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC☆118Updated 2 years ago
- Springboot detection☆22Updated 3 years ago
- Repository of AI-generated Nuclei templates for public CVEs not yet covered by existing templates, enhancing detection speed and coverage…☆105Updated 2 weeks ago
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆115Updated 8 months ago
- Unofficial Acunetix CLI tool for automated pentesting and bug hunting across large scopes.☆84Updated last year
- WEB API fuzzing☆22Updated 5 months ago
- Improve automated and semi-automated active scanning in Burp Pro☆62Updated 4 months ago
- ☆19Updated last year
- ☆20Updated last year
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆23Updated last year