RUB-NDS / CORStest

Related projects: ⓘ

• antichown / subdomain-takeover
  Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
  ☆346Updated last year
• mazen160 / bfac
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆523Updated 2 years ago
• tomdev / teh_s3_bucketeers
  ☆270Updated 2 years ago
• EdOverflow / megplus
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆301Updated 5 years ago
• TypeError / domained
  Multi Tool Subdomain Enumeration
  ☆722Updated 3 years ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆439Updated 5 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆631Updated 5 years ago
• nahamsec / lazys3
  ☆522Updated 7 months ago
• mandatoryprogrammer / xsshunter_client
  Correlated injection proxy tool for XSS Hunter
  ☆248Updated last year
• mazen160 / server-status_PWN
  A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…
  ☆418Updated 3 years ago
• nahamsec / HostileSubBruteforcer
  ☆449Updated 3 years ago
• ZephrFish / GoogD0rker
  Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
  ☆397Updated 4 years ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆500Updated last year
• jobertabma / virtual-host-discovery
  A script to enumerate virtual hosts on a server.
  ☆659Updated 6 years ago
• RhinoSecurityLabs / SleuthQL
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆464Updated 4 years ago
• JoshuaMart / AutoRecon
  Simple shell script for automated domain recognition with some tools
  ☆298Updated 3 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆292Updated 4 years ago
• gwen001 / s3-buckets-finder
  Find AWS S3 buckets and test their permissions.
  ☆366Updated last year
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆203Updated 7 years ago
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆215Updated 2 years ago
• bugbountyforum / XSS-Radar
  ☆317Updated 6 years ago
• Mad-robot / Spartan
  My Recon Automation
  ☆194Updated 3 years ago
• jobertabma / ground-control
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆528Updated 7 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆340Updated 2 years ago
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆516Updated 6 years ago
• nahamsec / JSParser
  ☆785Updated 10 months ago
• TheHackerDev / race-the-web
  Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
  ☆585Updated 2 years ago
• allyomalley / LiveTargetsFinder
  Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…
  ☆362Updated 2 years ago
• pentester-io / commonspeak
  Content discovery wordlists generated using BigQuery
  ☆545Updated 4 years ago
• anshumanbh / brutesubs
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆257Updated 3 years ago