PortSwigger / co2Links
A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
☆23Updated last year
Alternatives and similar repositories for co2
Users that are interested in co2 are comparing it to the libraries listed below
Sorting:
- ☆10Updated 3 years ago
- Add headers to all Burp requests to bypass some WAF products☆42Updated last year
- Burp Suite plugin created for using Collaborator tool during manual testing☆19Updated 3 years ago
- CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE☆32Updated 5 years ago
- Virtual host wordlist☆52Updated 4 years ago
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Updated 2 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆57Updated 3 years ago
- Burp Suite extension to discover assets from HTTP response.☆16Updated 4 years ago
- Host Header Injection Scanner☆47Updated 4 years ago
- Dump all available paths and/or endpoints on WADL file.☆93Updated last month
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Automatically modify the User-Agent header in all Burp requests☆58Updated 7 years ago
- All in one port scanning script.☆68Updated 5 years ago
- Collection of content discovery wordlists in one wordlist.☆38Updated 3 years ago
- The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of informatio…☆58Updated 2 years ago
- [+]An Automation Tool Based on [ securitytrails.com ]☆18Updated 4 years ago
- Subdomain discovery using Sublist3r, certspotter, crt.sh , censys and amass . Subdomain bruteforcing using Gobuster and Resolve hosts usi…☆17Updated 9 months ago
- Security test tool for Blind XSS☆26Updated 5 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆63Updated 4 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 3 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆18Updated 7 years ago
- A Python based scanner to find potential SSRF parameters in a web application.☆72Updated 4 years ago
- WebSocket Connection Smuggler☆45Updated 2 years ago
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆69Updated 4 years ago
- Given a list of domains, you resolve them and get the IP addresses.☆48Updated 3 years ago
- ☆10Updated 3 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆93Updated 2 months ago
- 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline☆59Updated 7 months ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆58Updated 3 years ago
- ☆20Updated 5 years ago