PortSwigger / agarthaLinks
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.
☆26Updated 9 months ago
Alternatives and similar repositories for agartha
Users that are interested in agartha are comparing it to the libraries listed below
Sorting:
- Burp Suite's extension to scan and crawl Single Page Applications☆104Updated 2 years ago
- bounty collection☆35Updated 9 months ago
- ☆58Updated 3 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆77Updated last year
- Spring4Shell Burp Scanner☆71Updated 3 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆59Updated last year
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆53Updated 2 years ago
- WEB API fuzzing☆24Updated last month
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆87Updated last year
- tool that generates bypasses for open redirects☆52Updated 3 years ago
- Springboot detection☆21Updated 3 years ago
- Central Repo for Burp extensions☆23Updated 5 months ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆20Updated 6 months ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆56Updated 2 years ago
- CVE Collection of jQuery UI XSS Payloads☆119Updated 2 years ago
- BChecks collection for Burp Suite Professional☆99Updated last year
- phpMyAdmin XSS☆116Updated 7 months ago
- Burp Extension for a passive scanning JS files for endpoint links.☆54Updated 6 months ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆119Updated last year
- CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection☆18Updated last year
- CVE-2023-34960 Chamilo PoC☆35Updated last year
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆113Updated 4 months ago
- All Nuclei Templates☆73Updated last week
- Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)☆25Updated 3 years ago
- ☆19Updated 8 months ago
- CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.☆48Updated 2 years ago
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆22Updated last year
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆55Updated last year
- Nuclei Templates to reproduce Cracking the lens's Research☆126Updated 3 years ago
- ☆36Updated last month