PortSwigger / attack-surface-detectorLinks
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
☆14Updated 3 years ago
Alternatives and similar repositories for attack-surface-detector
Users that are interested in attack-surface-detector are comparing it to the libraries listed below
Sorting:
- Alphanumeric Encoder☆25Updated 6 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 6 years ago
- Docker Version of Aquatone☆14Updated 7 years ago
- ☆29Updated 8 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- LetMeOutOfYour.net Resources☆20Updated 4 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Updated 7 years ago
- An enumeration and exploitation toolkit using RFC calls to SAP☆38Updated 5 years ago
- Password Guessing for different Web Portals☆29Updated 6 years ago
- Zone transfers for rwhois☆20Updated 6 years ago
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆43Updated 8 years ago
- Clickjacking PoC Generator☆35Updated 4 years ago
- Burp Suite extension to help make Graphql request more readable☆31Updated 7 years ago
- A collection of OSCE preparation resources.☆24Updated 5 years ago
- Burp Suite Professional extension in Java for Tabnabbing attack☆13Updated 7 years ago
- Sparty - MS Sharepoint and Frontpage Auditing Tool☆31Updated 10 years ago
- During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what …☆26Updated 5 years ago
- Forked and updated with some additional features over the original☆17Updated 4 years ago
- AWS Security Checks☆39Updated 7 years ago
- Pivot into private VPC networks using a VPN connection☆42Updated 5 years ago
- ☆38Updated 4 years ago
- List (or plunder) private repos/gists to which a token has access, including those of other users☆11Updated 3 years ago
- Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.☆28Updated 2 years ago
- Convert the loot directory of ntlmrelayx into an enum4linux like output☆22Updated 5 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- This repo will contain slides and information from the Attacking Active Directory Hacking Series talks presented at SecKC.☆32Updated 11 months ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆25Updated 3 years ago
- DNS server limitation mapper☆26Updated 6 years ago
- Script to parse multiple Nmap .gnmap exports into various plain-text formats for easy analysis.☆24Updated 11 years ago