PortSwigger / psycho-path
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆19Updated 6 years ago
Alternatives and similar repositories for psycho-path:
Users that are interested in psycho-path are comparing it to the libraries listed below
- Security test tool for Blind XSS☆26Updated 5 years ago
- Burp extension to generate multi-step CSRF POC.☆30Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆36Updated 11 months ago
- This is a small extension to make graphql readable☆30Updated 6 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- ☆32Updated 5 years ago
- Bug Bounty Clipboard☆17Updated 5 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆41Updated 4 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆17Updated 4 years ago
- CVE, reports, research☆17Updated 4 years ago
- Insecure Deserialization, PDF and lab☆18Updated 5 years ago
- Accompanying material needed for the workshop☆11Updated last year
- Auto Recon Bash Script☆31Updated 4 months ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 5 years ago
- OWASP Skanda - SSRF Exploitation Framework☆38Updated 11 years ago
- ☆16Updated 2 years ago
- burp extender for fuzzing☆10Updated 6 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- PHP tool to test XSS☆22Updated 5 years ago
- Burp Intruder File Payload Generator☆18Updated 5 years ago
- A tools for JavaScript Recon☆21Updated 4 years ago
- View screenshots as a slideshow over http☆15Updated 5 years ago
- An entry level resource to learning bug bounty.☆25Updated 7 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Updated 8 years ago
- Scripts for OSCE☆18Updated 6 years ago