RUB-NDS / REST-Attacker
REST-Attacker is designed as a proof-of-concept for the feasibility of testing generic real-world REST implementations. Its goal is to provide a framework for REST security research.
☆80Updated 2 years ago
Alternatives and similar repositories for REST-Attacker
Users that are interested in REST-Attacker are comparing it to the libraries listed below
Sorting:
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆115Updated last year
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆64Updated 7 months ago
- First iteration of ML based Feedback WAF☆59Updated last year
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆94Updated last year
- ☆27Updated 2 years ago
- Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own☆71Updated last year
- A "Spring4Shell" vulnerability scanner.☆49Updated 3 months ago
- Fast and lightweight Web Application Firewall Fingerprinting tool☆62Updated 4 months ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆49Updated 11 months ago
- A GraphQL enumeration and extraction tool☆131Updated 2 years ago
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆39Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆71Updated 3 years ago
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆24Updated last year
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆98Updated last year
- ☆55Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆87Updated last year
- 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials☆101Updated last year
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆32Updated 2 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆39Updated 2 years ago
- Github action for monitoring CVE☆42Updated this week
- Enumerate AWS cloud resources based on provided credential☆51Updated 3 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆49Updated last year
- Extracting OSINT Insights from 15TB of GitHub Event Logs☆68Updated last year
- Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.☆37Updated 2 weeks ago
- ☆75Updated 10 months ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆44Updated 2 years ago
- ☆56Updated last year
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆29Updated last year
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆34Updated last month
- A list of threat sinks used in the manual security source code review for application security☆71Updated 2 years ago