PortSwigger / oauth-scan
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆183 Updated last year
Related projects
Alternatives and complementary repositories for oauth-scan
- A projectdiscovery driven attack surface monitoring bot powered by axiom ☆178 Updated 2 years ago
- ☆146 Updated last year
- Distribute ordinary bash commands over many systems ☆161 Updated 2 years ago
- Cloud agnostic IAM permissions enumerator ☆139 Updated 2 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints. ☆185 Updated 3 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security ☆169 Updated 3 weeks ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters sent to a target application a… ☆155 Updated last week
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ☆131 Updated last year
- Find authentication (authn) and authorization (authz) security bugs in web application routes. ☆252 Updated 4 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool ☆263 Updated last year
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider ☆138 Updated 3 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable … ☆533 Updated 11 months ago
- GitHub Attack Toolkit - Extreme Edition ☆196 Updated this week
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin… ☆181 Updated 2 years ago
- Prototype pollution scanner using headless chrome ☆197 Updated 2 years ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data. ☆225 Updated 10 months ago
- Rust-based high performance domain permutation generator. ☆275 Updated 11 months ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials. ☆392 Updated 3 weeks ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan. ☆166 Updated 6 months ago
- ☆232 Updated 4 months ago
- A GraphQL enumeration and extraction tool ☆128 Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆98 Updated 9 months ago
- Automated learning of regexes for DNS discovery ☆358 Updated last year
- Fast and customizable vulnerability scanner for JIRA written in Python ☆317 Updated 9 months ago
- ☆175 Updated 2 weeks ago
- ☆110 Updated last year
- ☆143 Updated last month
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi… ☆207 Updated 2 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent… ☆117 Updated 2 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to … ☆118 Updated 7 months ago