PortSwigger / javascript-security

Related projects ⓘ

Alternatives and complementary repositories for javascript-security

• PortSwigger / additional-cors-checks
  ☆9Updated 2 years ago
• SpiderLabs / masher
  multiple password 'asher using Python’s hashlib
  ☆14Updated 3 years ago
• cnotin / burp-scan-manual-insertion-point
  Burp Suite Pro extension
  ☆10Updated 7 years ago
• sahadnk72 / jecretz
  Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets
  ☆42Updated last year
• intruder-io / param-miner
  Fork of https://github.com/PortSwigger/param-miner for header smuggling research
  ☆12Updated 3 years ago
• PortSwigger / add-custom-header
  A Burp Suite extension to add a custom header (e.g. JWT)
  ☆18Updated 3 years ago
• dwisiswant0 / look4jar
  Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?
  ☆44Updated 2 years ago
• random-robbie / kube-scan
  Kubernetes Scanner
  ☆41Updated 2 years ago
• PortSwigger / reshaper
  Burp Suite Extension - Trigger actions and reshape HTTP request and response traffic using configurable rules
  ☆15Updated last month
• blue1616 / monolith
  ☆19Updated 3 years ago
• leesoh / np
  A tool to parse, deduplicate, and query multiple port scans.
  ☆57Updated last year
• vp777 / metahttp
  A bash script that automates the scanning of a target network for HTTP resources through XXE
  ☆37Updated 3 years ago
• reconness / reconness-agents
  Reconness Agents Script
  ☆32Updated 2 years ago
• emgaurav / objectify-s3
  Objectify-s3 is a tool that recursively checks AWS S3 buckets and objects for misconfigured permissions.
  ☆15Updated 3 months ago
• N0MoreSecr3ts / wraith-signatures
  Signatures for wraith used to detect secrets across various sources
  ☆15Updated 2 years ago
• PortSwigger / site-map-extractor
  ☆10Updated 3 years ago
• 10goto20 / seltzer
  A Burp Suite extension for headless, unattended scanning.
  ☆36Updated 4 years ago
• PortSwigger / web-cache-deception-scanner
  A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
  ☆14Updated 6 years ago
• PortSwigger / ator
  ☆29Updated 6 months ago
• nyxgeek / rpcfiend
  Use rpc null sessions to retrieve machine list, domain admin list, domain controllers
  ☆13Updated last year
• onsecurity / evilginx2
  Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …
  ☆13Updated 7 months ago
• hahwul / ws-smuggler
  WebSocket Connection Smuggler
  ☆44Updated 2 years ago
• Orange-Cyberdefense / mass-nessus-docker
  Deploy multiple instances of Nessus in docker containers easily
  ☆20Updated 3 years ago
• ethicalhackingplayground / pdtools
  Install and upgrade projectdiscovery tools
  ☆10Updated 2 years ago
• PortSwigger / asset-discovery
  Burp Suite extension to discover assets from HTTP response.
  ☆15Updated 3 years ago
• DanaEpp / CodeArgos
  A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.
  ☆13Updated last year
• Orange-Cyberdefense / rabid
  A CLI tool and library allowing to simply decode all kind of BigIP cookies.
  ☆38Updated 4 years ago
• jackj07 / Response-Pattern-Matcher
  Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…
  ☆15Updated last year
• shelld3v / flydns
  Related subdomains finder
  ☆29Updated 2 years ago
• p0dalirius / Sprayer
  Multithreaded spraying of a password on all accounts of a domain.
  ☆17Updated 4 months ago