PortSwigger / agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.
☆24Updated 6 months ago
Alternatives and similar repositories for agartha:
Users that are interested in agartha are comparing it to the libraries listed below
- Burp Suite's extension to scan and crawl Single Page Applications☆102Updated last year
- Spring4Shell Burp Scanner☆71Updated 2 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆58Updated last year
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆53Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆86Updated last year
- ☆88Updated 10 months ago
- Springboot detection☆21Updated 3 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆75Updated last year
- Web cache poisoning vulnerability scanner.☆65Updated 2 years ago
- bounty collection☆34Updated 6 months ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆56Updated last year
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 years ago
- ☆54Updated 3 years ago
- burpsuite extension☆15Updated 2 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆53Updated 4 months ago
- Nuclei Templates to reproduce Cracking the lens's Research☆125Updated 3 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆33Updated 3 years ago
- tool that generates bypasses for open redirects☆52Updated 2 years ago
- Repository of AI-generated Nuclei templates for public CVEs not yet covered by existing templates, enhancing detection speed and coverage…☆72Updated 3 months ago
- The purpose of this repo is to share my research☆14Updated last year
- BChecks collection for Burp Suite Professional☆94Updated 9 months ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆118Updated last year
- ☆25Updated last week
- nuclei framework scripts☆34Updated 2 years ago
- WEB API fuzzing☆24Updated last year
- All Nuclei Templates☆68Updated 2 weeks ago
- ☆25Updated 2 years ago
- ☆19Updated 2 years ago
- ☆19Updated 9 months ago