Xyntax / waf-bypass
☆60Updated 5 years ago
Related projects: ⓘ
- A Web-UI for subdomain enumeration (subfinder)☆53Updated 4 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆81Updated 6 years ago
- Authenticated SSRF in Grafana☆76Updated 2 months ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆61Updated 4 years ago
- Burp Bounty profiles☆82Updated 2 years ago
- ☆53Updated this week
- ☆49Updated 4 years ago
- A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks☆53Updated 5 years ago
- Wordlist to bruteforce for LFI☆119Updated 4 years ago
- Exploits developed by Mikael Kall☆46Updated last year
- ☆34Updated this week
- ☆25Updated 4 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆108Updated 2 years ago
- ☆27Updated 2 years ago
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 3 years ago
- Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit☆87Updated 6 months ago
- Fuzzing for LFI using Burpsuite☆58Updated 7 years ago
- A XSS mind map ;)☆56Updated 8 years ago
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆43Updated 2 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆41Updated last year
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆162Updated 3 years ago
- ☆45Updated this week
- Broken Link Hijacking Burp Extension☆54Updated 5 years ago
- This tool is just after the first refactoring pushed. Original is from Will Vandevanter (BuffaloWill). Only rearrange the code which will…☆32Updated 8 years ago
- ☆38Updated last year
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆60Updated 2 years ago
- Hacking Artifactory with server side template injection☆50Updated 4 years ago
- Automatically modify the User-Agent header in all Burp requests☆52Updated 6 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆62Updated 3 years ago
- ☆44Updated 2 years ago