PortSwigger / oauth-scan
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆186Updated last month
Alternatives and similar repositories for oauth-scan:
Users that are interested in oauth-scan are comparing it to the libraries listed below
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆254Updated 6 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆169Updated 2 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated 8 months ago
- Cloud agnostic IAM permissions enumerator☆138Updated 4 months ago
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆180Updated 2 years ago
- ☆238Updated 6 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆264Updated last year
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆157Updated 2 months ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆399Updated 2 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated last year
- Http request smuggling vulnerability scanner☆225Updated 2 years ago
- Automated learning of regexes for DNS discovery☆362Updated last year
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆222Updated 4 months ago
- ☆147Updated last year
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆191Updated 2 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆187Updated 5 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated 2 weeks ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆101Updated this week
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆173Updated last year
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆172Updated last week
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆320Updated 2 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆229Updated last year
- A streamlined tool for discovering private TLDs for security research.☆170Updated this week
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆118Updated 2 years ago
- Prototype pollution scanner using headless chrome☆198Updated 2 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆123Updated 9 months ago
- A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities☆116Updated last year
- A GraphQL enumeration and extraction tool☆129Updated last year