PortSwigger / oauth-scan
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆186Updated 2 months ago
Alternatives and similar repositories for oauth-scan:
Users that are interested in oauth-scan are comparing it to the libraries listed below
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆256Updated 7 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆169Updated 3 months ago
- ☆149Updated last year
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆181Updated 2 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆189Updated 6 months ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆197Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated last year
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆412Updated 3 months ago
- Automated learning of regexes for DNS discovery☆363Updated 2 years ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆229Updated last year
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 3 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆265Updated last year
- Complex payload encoder☆219Updated last year
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆119Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated last month
- Cloud agnostic IAM permissions enumerator☆140Updated 5 months ago
- Tools to assess DNS security.☆151Updated 11 months ago
- A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities☆116Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated 2 weeks ago
- Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework☆164Updated 2 years ago
- mx-takeover focuses DNS MX records and detects misconfigured MX records.☆346Updated last year
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆113Updated last year
- Http request smuggling vulnerability scanner☆225Updated 2 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆151Updated 6 months ago
- Prototype pollution scanner using headless chrome☆216Updated 2 years ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆175Updated last year
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbit…☆334Updated last week
- A quick ‘n dirty nmap parser written in Golang to convert nmap xml to IP:Port notation.☆125Updated 7 months ago