alebeta90 / behindflareLinks
This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
☆15Updated 2 years ago
Alternatives and similar repositories for behindflare
Users that are interested in behindflare are comparing it to the libraries listed below
Sorting:
- A program to map out SPF and DKIM records for a large number of domains☆39Updated 10 years ago
- All the information provided on this site is for educational purposes only.☆18Updated last year
- Clickjacking PoC Generator☆35Updated 5 years ago
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Updated last year
- Bug Bounty Clipboard☆17Updated 6 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆77Updated 5 years ago
- A JavaScript components vulnerability scanner, based on RetireJS☆37Updated 5 years ago
- Default plugins for Jaeles Scanner☆35Updated 5 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆37Updated last year
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Updated 5 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 6 years ago
- Anvil Secure's Burp extension for signing AWS requests with SigV4☆21Updated 2 months ago
- URL-encode data streams via commandline☆14Updated 6 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 3 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- XXE Injection Payloads☆28Updated 6 years ago
- a parser + crawler for .DS_Store files exposed publically☆54Updated 2 years ago
- Collection of exploits/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)☆48Updated 7 years ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30Updated 5 years ago
- fast, zero config web endpoint change monitor☆43Updated 5 years ago
- websocket-connection-smuggler☆66Updated 5 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- parse ffuf & map endpoints to wordlists☆21Updated 4 years ago
- A multi-processed, multi-threaded scanner to discover web directories on multiple URLs.☆21Updated 6 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆15Updated 4 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Updated 6 years ago
- burp extender for fuzzing☆10Updated 7 years ago