PortSwigger / autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
☆245Updated 4 months ago
Alternatives and similar repositories for autorize:
Users that are interested in autorize are comparing it to the libraries listed below
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆575Updated 4 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆742Updated 3 years ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆370Updated 2 weeks ago
- Burp Extension for a passive scanning JS files for endpoint links.☆169Updated 5 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆866Updated 3 years ago
- ☆404Updated 3 years ago
- Web dashboard for Interactsh client☆212Updated last week
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆602Updated last year
- essential templates for kenzer [DEPRECATED]☆114Updated 2 years ago
- Nuclei templates written by us.☆269Updated 3 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆775Updated last year
- BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition☆688Updated 2 weeks ago
- ActiveScan++ Burp Suite Plugin☆220Updated 2 weeks ago
- Burp Suite Logger++: Log activities of all the tools in Burp Suite☆173Updated 10 months ago
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆271Updated 3 months ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆198Updated 10 months ago
- Burpsuite plugin for Interact.sh☆220Updated 10 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆625Updated last year
- SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities☆182Updated 4 years ago
- XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具☆263Updated 4 years ago
- ☆196Updated last week
- Small Tool written based on chaos from projectdiscovery.io☆171Updated 6 months ago
- Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.☆304Updated last year
- Grafana Unauthorized arbitrary file reading vulnerability☆358Updated 2 years ago
- Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)☆385Updated 5 years ago
- Smart context-based SSRF vulnerability scanner.☆349Updated 2 years ago
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆216Updated 7 months ago
- HTTP Request Smuggling Detection Tool☆493Updated last year
- HTTP file upload scanner for Burp Proxy☆405Updated 2 years ago
- jolokia-exploitation-toolkit☆288Updated 4 months ago