WhiteOakSecurity / Dynamic-DTDLinks
A python Flask app that generates dynamic DTDs for easy out-of-band data exfiltration.
☆30Updated 2 years ago
Alternatives and similar repositories for Dynamic-DTD
Users that are interested in Dynamic-DTD are comparing it to the libraries listed below
Sorting:
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆71Updated 3 years ago
- ☆57Updated last year
- A list of "secrets" from JWT sample code and readme files.☆55Updated 4 years ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆52Updated 4 months ago
- User enumeration and password spraying tool for testing Azure AD☆70Updated 3 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆36Updated 2 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated last year
- Stay within program scope☆37Updated 2 years ago
- Review of AWAE.OSWE☆31Updated 3 years ago
- ☆166Updated 3 years ago
- Dump all available paths and/or endpoints on WADL file.☆93Updated 3 weeks ago
- Custom scripts for the PIPER Burp extensions.☆98Updated last year
- ☆37Updated 2 years ago
- gSAST - Grep Static Analysis Security Tool☆13Updated last year
- Jenkins pre-auth RCE exploit. More info at https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 https://blog.orange.tw/2019/02/…☆10Updated 6 years ago
- ☆26Updated 2 years ago
- Checks if files is accessible based on the source code.☆16Updated last year
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Updated 4 years ago
- ☆63Updated 2 years ago
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆34Updated 3 months ago
- Use normal web pentest tools to hack Websockets☆18Updated 5 years ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆59Updated 2 years ago
- ☆94Updated 3 years ago
- Subdomain Enumeration Wordlist. 8956437 unique words. Updated.☆74Updated 5 years ago
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆28Updated 3 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆58Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆29Updated 2 years ago
- This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…☆79Updated last year
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆20Updated 5 months ago
- ☆55Updated 2 years ago