PortSwigger / javascript-security
A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates JavaScript resources against threat intelligence data.
☆9Updated 3 years ago
Alternatives and similar repositories for javascript-security
Users that are interested in javascript-security are comparing it to the libraries listed below
Sorting:
- Multipurpose tool, currently aimed for HackTheBox Battlegrounds☆21Updated 4 years ago
- A tool to parse, deduplicate, and query multiple port scans.☆59Updated last year
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research☆12Updated 3 years ago
- Take domains on stdin and output them on stdout if they get resolved☆33Updated 2 years ago
- ☆10Updated 2 years ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆15Updated last year
- A compilation of network scanning strategies to find vulnerable devices☆73Updated 2 years ago
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆43Updated 2 years ago
- Phishing sites configured to work with Netlify form handling☆12Updated 5 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 3 years ago
- Burp Suite Pro extension☆10Updated 7 years ago
- passat - password auditing tool. Does statistical analyses on large sets of cracked passwords.☆26Updated 3 years ago
- A command-line application to generate random user agent strings.☆17Updated 5 years ago
- PoC: Python package static and dynamic analysis to detect environment variable stealing☆10Updated 4 years ago
- Next Generation Phishing Tool For Internal / Red Teams☆35Updated 5 years ago
- Abusing Cloudflare Workers to establish persistence and exfiltrate sensitive data at the edge.☆16Updated 2 years ago
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆26Updated this week
- Copy as XMLHttpRequest BurpSuite extension☆31Updated 4 years ago
- Burp Suite extension to discover assets from HTTP response.☆16Updated 4 years ago
- a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws inf…☆10Updated 8 months ago
- Deploy multiple instances of Nessus in docker containers easily☆20Updated 4 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆29Updated last year
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Updated 2 months ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 4 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Take…☆12Updated 4 years ago
- A fast port scanner written in go with a focus on reliability and simplicity.☆16Updated 7 months ago
- MyOpenVDP is a free web application to install a vulnerability disclosure policy or a vulnerability disclosure program on your assets. (V…☆28Updated 9 months ago
- ☆20Updated 3 years ago