alebeta90 / behindflare
This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
☆15Updated last year
Related projects: ⓘ
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Updated 3 years ago
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆15Updated 4 months ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities☆31Updated 2 years ago
- Burp Suite Pro extension☆10Updated 7 years ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆13Updated 5 months ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 4 years ago
- parse ffuf & map endpoints to wordlists☆19Updated 3 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 3 years ago
- Router socks. One port socks for all the others.☆66Updated 3 months ago
- Query various sources for CVE proof-of-concepts☆50Updated last year
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆15Updated 3 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆56Updated 4 years ago
- Magento Security Scanner☆15Updated 2 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 2 years ago
- Clickjacking PoC Generator☆35Updated 3 years ago
- A playground to practice SSRF Attacks against web apps☆17Updated 5 years ago
- ☆20Updated this week
- ☆50Updated 4 years ago
- This is the Go Server that relays all HTTP requests and responses between clients.☆26Updated 11 months ago
- ☆47Updated 3 years ago
- Enumerate subdomains by parsing Rapid7 FDNS dumps and CA transparency logs☆27Updated 5 years ago
- A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their asso…☆12Updated 3 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆39Updated last year
- URL-encode data streams via commandline☆14Updated 4 years ago
- ☆10Updated this week
- String or worldlist encoder for use in fuzzing or web application testing☆17Updated 5 years ago
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆21Updated 3 years ago
- This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan …☆50Updated 3 years ago
- A basic proxylogon scanner☆27Updated 3 years ago
- Stealthy Stand Alone PHP Web Shell☆33Updated 5 years ago