PortSwigger / oauth-scan
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆186Updated 3 months ago
Alternatives and similar repositories for oauth-scan:
Users that are interested in oauth-scan are comparing it to the libraries listed below
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆172Updated 5 months ago
- Cloud agnostic IAM permissions enumerator☆140Updated 7 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆258Updated 2 weeks ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆182Updated 2 years ago
- Automated learning of regexes for DNS discovery☆364Updated 2 years ago
- Distribute ordinary bash commands over many systems☆162Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 7 months ago
- Prototype pollution scanner using headless chrome☆216Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆317Updated 3 months ago
- ☆150Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated this week
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆265Updated 2 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆166Updated last month
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆230Updated last year
- Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator☆168Updated 3 years ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆198Updated 2 years ago
- Http request smuggling vulnerability scanner☆227Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆391Updated 2 months ago
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆262Updated this week
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆629Updated last year
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆173Updated 2 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Find CVE PoCs on GitHub☆145Updated last year
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆325Updated 3 weeks ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆177Updated last year
- Make URL path combinations using a wordlist☆173Updated last year
- ☆186Updated 4 months ago
- Filter and enrich a list of subdomains by level☆201Updated last year
- ☆156Updated 3 years ago