PortSwigger / autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
☆242Updated 4 months ago
Alternatives and similar repositories for autorize:
Users that are interested in autorize are comparing it to the libraries listed below
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆725Updated 3 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆573Updated 4 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆169Updated 5 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆771Updated last year
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆597Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆860Updated 3 years ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆367Updated last week
- ☆402Updated 3 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆389Updated 2 years ago
- essential templates for kenzer [DEPRECATED]☆114Updated 2 years ago
- Burpsuite plugin for Interact.sh☆217Updated 9 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆621Updated last year
- Web dashboard for Interactsh client☆208Updated last week
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆270Updated 2 months ago
- Nuclei templates written by us.☆267Updated 3 years ago
- Small Tool written based on chaos from projectdiscovery.io☆171Updated 5 months ago
- SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities☆182Updated 4 years ago
- Nuclei plugin for BurpSuite☆1,228Updated 6 months ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆197Updated 9 months ago
- HTTP file upload scanner for Burp Proxy☆403Updated last year
- ☆94Updated last month
- HTTP Request Smuggling Detection Tool☆491Updated last year
- Burp Suite Logger++: Log activities of all the tools in Burp Suite☆172Updated 9 months ago
- Grafana Unauthorized arbitrary file reading vulnerability☆355Updated 2 years ago
- Burp Extensions Api☆160Updated this week
- Because just a dark theme wasn't enough!☆560Updated 3 months ago
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆215Updated 7 months ago
- ☆281Updated 3 years ago
- HackerOne "in scope" domains☆439Updated this week
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆503Updated 2 years ago