PortSwigger / lightbulb-framework
Tools for auditing WAFS
☆18Updated 2 years ago
Related projects: ⓘ
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆25Updated 2 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆9Updated 2 years ago
- ☆24Updated this week
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆18Updated 4 years ago
- Pythonize Intruder Payload☆13Updated 3 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- Kubernetes Scanner☆41Updated 2 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆17Updated 5 years ago
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆41Updated last year
- An information gathering tool to collect git emails in version control host services☆11Updated 5 years ago
- ☆35Updated 4 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Updated 3 years ago
- ☆23Updated this week
- A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their asso…☆12Updated 3 years ago
- NMAP NSE script that scans for http(s) server, takes a screenshot of them, and organizes the results into an HTML report.☆28Updated 10 years ago
- ☆34Updated this week
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 6 years ago
- Noob Penetration tester☆10Updated 4 months ago
- Restructured and Collaborated SIEM and CVSS Infrastructure. Presented at Blackhat Asia Arsenal 2020.☆3Updated last year
- An nmap script to produce target lists for use with various tools.☆33Updated 3 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆35Updated last year
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆15Updated 3 months ago
- A simple grep user interface for searching code which can be used for SAST.☆8Updated 5 years ago
- Interactsh deployment to AWS EC2 Instance with Terraform☆11Updated 2 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆24Updated 5 years ago
- Burp Suite Professional extension in Java for Tabnabbing attack☆13Updated 6 years ago
- ☆20Updated 4 years ago
- A simple python3 script that generate unicode payloads..☆9Updated 4 years ago
- A playground to practice SSRF Attacks against web apps☆17Updated 5 years ago
- Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…☆18Updated 3 years ago