a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.
☆30Oct 21, 2025Updated 6 months ago
Alternatives and similar repositories for agartha
Users that are interested in agartha are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Copy as FFUF Command for Burp Suite☆10Jun 12, 2024Updated last year
- 爬取知识星球内容,并制作 PDF 电子书。☆15Mar 18, 2020Updated 6 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.☆10Feb 1, 2021Updated 5 years ago
- A Burp extension to Fuzz URLs for HTTP parser inconsistencies☆12Jan 9, 2024Updated 2 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- 资产测绘输出xlsx表格☆14Sep 10, 2024Updated last year
- Automating SQL Injection in a list of URLs or Request Files☆12Aug 8, 2016Updated 9 years ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆219Nov 4, 2025Updated 6 months ago
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆50Jan 26, 2026Updated 3 months ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆14Feb 10, 2022Updated 4 years ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆23Nov 26, 2024Updated last year
- Get all NetNTLM Hashes via Different zero-click Methodologies from LLMNR Poisoning☆18Mar 16, 2022Updated 4 years ago
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- 一个既可主动,又可被动提取链接的burp插件☆46Mar 29, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- I was searching for such resource to work as cheat sheet series and guide me through different attack scenarios for API attacks, didn’t f…☆15May 5, 2025Updated 11 months ago
- burp suite插件☆13Jul 9, 2023Updated 2 years ago
- A steganography based shellcode hider to bypass AV☆17Aug 7, 2022Updated 3 years ago
- Fuzz WebSockets with custom Python code☆20Aug 21, 2024Updated last year
- 本项目是一个插件项目,用于演示插件的使用方法 快速打造自己的谷歌插件该项目使用 vue2.0 + webpack4.0 + less + es6 + vue-router + vuex + axios + element-ui + chrome-plugin 等其他插件开发…☆14Oct 18, 2023Updated 2 years ago
- Scripts that automate portions of pentests.☆58Mar 18, 2026Updated last month
- CSRF Scanner Extension for Burp Suite Pro☆20Feb 4, 2022Updated 4 years ago
- ☆13Apr 15, 2024Updated 2 years ago
- A tool to generate OpenXML XXE Payloads written in Python3.☆16Aug 21, 2019Updated 6 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- 使用java编写的CRLF-Injection-burp被动扫描插件☆45Dec 20, 2022Updated 3 years ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆85Jul 20, 2023Updated 2 years ago
- ☆17Mar 11, 2024Updated 2 years ago
- ☆44Mar 13, 2023Updated 3 years ago
- ☆26Dec 13, 2024Updated last year
- 红队自动化打点神器!!! ARL使用代理池联动nuclei,xray并通过企业微信机器人告警。☆26Sep 29, 2024Updated last year
- Bambdas collection for Burp Suite Professional and Community.☆519Mar 12, 2026Updated last month
- Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables us…☆122Feb 23, 2025Updated last year
- This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities …☆26Apr 30, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Burp Suite Extension for inserting a magic byte into responder's request☆24Sep 22, 2023Updated 2 years ago
- ☆28Jan 9, 2023Updated 3 years ago
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆17Jun 7, 2024Updated last year
- A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decry…☆46Apr 23, 2026Updated last week
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Jun 28, 2018Updated 7 years ago
- A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.☆97Aug 14, 2018Updated 7 years ago
- A simple script that edits the XML of a macro-enabled Word document (.docm or Word 97 document) to add a reference to a remote stylesheet…☆11Oct 5, 2022Updated 3 years ago