PortSwigger / oauth-scan
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆187 Updated 4 months ago
Alternatives and similar repositories for oauth-scan:
Users that are interested in oauth-scan are comparing it to the libraries listed below
- Cloud agnostic IAM permissions enumerator ☆148 Updated last week
- Find authentication (authn) and authorization (authz) security bugs in web application routes. ☆261 Updated last month
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security ☆173 Updated 5 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom ☆183 Updated 2 years ago
- Distribute ordinary bash commands over many systems ☆164 Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ☆133 Updated 3 weeks ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters sent to a target application a… ☆157 Updated 5 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool ☆266 Updated 2 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints. ☆191 Updated 8 months ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin… ☆201 Updated 3 years ago
- ☆151 Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan. ☆168 Updated 2 months ago
- Prototype pollution scanner using headless chrome ☆218 Updated 2 years ago
- ☆246 Updated 9 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆104 Updated 2 months ago
- Automated learning of regexes for DNS discovery ☆364 Updated 2 years ago
- A GraphQL enumeration and extraction tool ☆131 Updated 2 years ago
- A streamlined tool for discovering private TLDs for security research. ☆190 Updated last week
- This repository is in progress, it will keep updating as I come across new learning materials. Feel free to contribute. ☆221 Updated 2 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to … ☆125 Updated last year
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP) ☆325 Updated last month
- Fast and customizable vulnerability scanner For JIRA written in Python ☆318 Updated 3 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi… ☆243 Updated last month
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials. ☆419 Updated 5 months ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources ☆134 Updated 4 months ago
- ☆139 Updated 11 months ago
- ☆189 Updated 5 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent… ☆122 Updated 2 years ago
- A simple remote scanner for Atlassian Jira ☆120 Updated 2 years ago
- A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities ☆117 Updated last year