Sivnerof / Sources-And-Sinks-Cheatsheet
A cheatsheet for common JavaScript sources and sinks that lead to potential vulnerabilities.
☆17 Updated last year
Related projects
Alternatives and complementary repositories for Sources-And-Sinks-Cheatsheet
- Tool to parse subdomains from dmarc.live ☆64 Updated 6 months ago
- This Tool To Test Machine Keys In View State ☆55 Updated last month
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT). ☆83 Updated last month
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal. ☆104 Updated 4 months ago
- Chrome extension for automating CSPT discovery ☆47 Updated last month
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak… ☆87 Updated 3 months ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files. ☆54 Updated last year
- A Chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs ☆60 Updated 3 months ago
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef… ☆50 Updated 3 weeks ago
- Collections of Tech Talk that are presented by me :) ☆95 Updated last month
- Finds graphql queries in javascript files ☆57 Updated 5 months ago
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs ☆125 Updated 8 months ago
- Golang tool which helps dropping the irrelevant entries from your ffuf result file. ☆128 Updated last month
- Create your own recon & vulnerability scanner with Trickest and GitHub ☆49 Updated last year
- unleashed ffuf ☆95 Updated 4 months ago
- A really fast http prober. ☆39 Updated 9 months ago
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man… ☆86 Updated 9 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw… ☆75 Updated 3 months ago
- A better way of querying certificate transparency logs ☆76 Updated last year
- Save your dorking results to the terminal. A modified version of TomNomNom's amazing tool! ☆84 Updated 9 months ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal ☆91 Updated 2 years ago
- Download all the nuclei Templates created from many Bug Hunters ☆25 Updated last year
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int… ☆97 Updated this week
- Mine URLs from Browser's Heap Snapshot for fun and profit ☆63 Updated last year