PortSwigger / attack-surface-detectorLinks
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
☆14Updated 3 years ago
Alternatives and similar repositories for attack-surface-detector
Users that are interested in attack-surface-detector are comparing it to the libraries listed below
Sorting:
- ☆29Updated 8 years ago
- An AWS Lambda vulnerable application written in flask.☆49Updated 8 years ago
- Burp Extension for AWS Signing☆89Updated 9 months ago
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆46Updated 8 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- An enumeration and exploitation toolkit using RFC calls to SAP☆39Updated 5 years ago
- Docker Version of Aquatone☆14Updated 7 years ago
- Zone transfers for rwhois☆20Updated 6 years ago
- Pivot into private VPC networks using a VPN connection☆43Updated 6 years ago
- Scripts that we use for pentesting☆42Updated 8 years ago
- OAuth Security Cheatsheet☆40Updated 11 years ago
- Alphanumeric Encoder☆25Updated 7 years ago
- Capture all RabbitMQ messages being sent through a broker.☆32Updated 4 years ago
- ☆36Updated 5 years ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆24Updated 3 years ago
- API testing tool written with Python☆56Updated 8 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Updated 7 years ago
- LetMeOutOfYour.net Resources☆20Updated 5 years ago
- Simple S3 Bucket Testing Software☆31Updated 3 years ago
- ☆36Updated 5 years ago
- Docker auditing and enumeration script.☆22Updated 6 years ago
- OAuth 2.0 Dynamic Security Scanner☆33Updated 4 years ago
- This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds t…☆52Updated 5 years ago
- An Evil OIDC Server☆54Updated 3 years ago
- AWS S3 Bucket/Object Finder☆25Updated 7 years ago
- Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM,…☆16Updated 5 years ago
- Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.☆28Updated 3 years ago
- The SSH Multiplex Backdoor Tool☆65Updated 6 years ago
- Report and finding templates used by the Serpico reporting tool☆16Updated 7 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆77Updated 5 years ago