RUB-NDS / REST-AttackerLinks
REST-Attacker is designed as a proof-of-concept for the feasibility of testing generic real-world REST implementations. Its goal is to provide a framework for REST security research.
☆80Updated 2 years ago
Alternatives and similar repositories for REST-Attacker
Users that are interested in REST-Attacker are comparing it to the libraries listed below
Sorting:
- First iteration of ML based Feedback WAF☆59Updated last year
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆115Updated last year
- A python3 script searching for secret on swaggerhub☆65Updated 3 years ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆64Updated 9 months ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆71Updated 3 years ago
- Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.☆37Updated 2 weeks ago
- ☆27Updated 2 years ago
- ElasticSearch exploit and Pentesting guide for penetration tester☆29Updated 2 years ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆94Updated last year
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 2 years ago
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆25Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆87Updated last year
- A "Spring4Shell" vulnerability scanner.☆49Updated 5 months ago
- Find the remote website version based on a git repository☆126Updated 4 years ago
- A list of threat sinks used in the manual security source code review for application security☆72Updated 2 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)☆88Updated 2 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆29Updated 2 years ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆50Updated last year
- Tools used for Pentesting☆22Updated 2 years ago
- ☆37Updated 2 years ago
- ☆52Updated last week
- Striping CDN & WAF IPs from a list of IP Addresses☆80Updated last month
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Updated last year
- Repo for hosting rayder workflows☆61Updated last year
- ☆55Updated 2 years ago
- PassMute - A multi featured Password Transmutation/Mutator Tool☆51Updated 2 years ago
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆99Updated last year
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆34Updated 2 months ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆59Updated 2 years ago
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)☆44Updated 2 years ago