PortSwigger / autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
☆242Updated 4 months ago
Alternatives and similar repositories for autorize:
Users that are interested in autorize are comparing it to the libraries listed below
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆573Updated 4 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆725Updated 3 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆169Updated 5 years ago
- ActiveScan++ Burp Suite Plugin☆219Updated 2 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆597Updated last year
- Burpsuite plugin for Interact.sh☆217Updated 9 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆860Updated 3 years ago
- ☆402Updated 3 years ago
- Nuclei templates written by us.☆267Updated 3 years ago
- SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities☆182Updated 4 years ago
- Burp Suite Logger++: Log activities of all the tools in Burp Suite☆172Updated 9 months ago
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆270Updated 2 months ago
- Web dashboard for Interactsh client☆208Updated last week
- Burp Extension for a passive scanning JS files for endpoint links.☆771Updated last year
- essential templates for kenzer [DEPRECATED]☆114Updated 2 years ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆197Updated 9 months ago
- XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具☆262Updated 4 years ago
- HTTP file upload scanner for Burp Proxy☆403Updated last year
- ☆287Updated 2 years ago
- Burp Extensions Api☆160Updated this week
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆215Updated 7 months ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆367Updated last week
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆389Updated 2 years ago
- Grafana Unauthorized arbitrary file reading vulnerability☆355Updated 2 years ago
- BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition☆681Updated this week
- Nuclei plugin for BurpSuite☆1,228Updated 6 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆621Updated last year
- Small Tool written based on chaos from projectdiscovery.io☆171Updated 5 months ago
- Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)☆383Updated 5 years ago
- Smart context-based SSRF vulnerability scanner.☆348Updated 2 years ago