PortSwigger / co2Links
A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
☆24Updated last year
Alternatives and similar repositories for co2
Users that are interested in co2 are comparing it to the libraries listed below
Sorting:
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Tool to automate recon☆42Updated 4 years ago
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆69Updated 5 years ago
- Security test tool for Blind XSS☆26Updated 5 years ago
- The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of informatio…☆60Updated 3 years ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆60Updated 2 years ago
- A Payload Injector for bugbounties written in go☆70Updated 5 years ago
- ☆42Updated 2 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆58Updated 3 years ago
- A Web-UI for subdomain enumeration (subfinder)☆56Updated 5 years ago
- CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE☆32Updated 5 years ago
- ☆59Updated 4 years ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆35Updated 4 years ago
- XSS reflector vulnerabilities exploitation extended.☆27Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 3 years ago
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 4 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.☆24Updated 3 months ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Updated 4 years ago
- Host Header Injection Scanner☆49Updated 5 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Updated 4 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆111Updated 3 years ago
- A FireBase DataBase TakeOver Tool along with POC Generator☆35Updated 4 years ago
- Shodan Favicon Hash Generator By Aziz Hakim @eternyle☆26Updated last year
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Updated 5 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆59Updated 3 years ago
- XSS scanning with Dalfox on Github-action☆26Updated 2 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆59Updated 4 years ago
- Add headers to all Burp requests to bypass some WAF products☆43Updated 2 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Updated 6 years ago