PortSwigger / psycho-pathLinks
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆19Updated 7 years ago
Alternatives and similar repositories for psycho-path
Users that are interested in psycho-path are comparing it to the libraries listed below
Sorting:
- ☆32Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Updated 5 years ago
- Auto Recon Bash Script☆31Updated last year
- web-based-fuzzer☆32Updated 5 years ago
- Collection of scripts to test your website against vulnerabilities.☆18Updated last year
- Broken Link Hijacking Burp Extension☆57Updated 6 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Updated 7 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Updated 6 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆49Updated 3 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated last year
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆31Updated 6 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 3 years ago
- CVE, reports, research☆15Updated 4 years ago
- Security test tool for Blind XSS☆26Updated 5 years ago
- Extract subdomains from rapiddns.io☆23Updated 3 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Updated 7 years ago
- Fuzzing for LFI using Burpsuite☆66Updated 9 years ago
- CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE☆32Updated 5 years ago
- Collection of content discovery wordlists in one wordlist.☆38Updated 4 years ago
- ☆36Updated last year
- Tool to try multiple paths for PHPunit RCE CVE-2017-9841☆29Updated 4 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Accompanying material needed for the workshop☆11Updated 2 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Updated 8 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Updated 6 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆77Updated 5 years ago
- Get all possible href | src | url from target url or domain☆40Updated 5 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆86Updated 2 years ago
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆41Updated 5 years ago