alebeta90 / behindflareLinks
This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
☆15Updated 2 years ago
Alternatives and similar repositories for behindflare
Users that are interested in behindflare are comparing it to the libraries listed below
Sorting:
- Clickjacking PoC Generator☆35Updated 4 years ago
- A program to map out SPF and DKIM records for a large number of domains☆38Updated 10 years ago
- Default plugins for Jaeles Scanner�☆35Updated 4 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Updated 5 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 6 years ago
- parse ffuf & map endpoints to wordlists☆21Updated 4 years ago
- Quickly add http and https domains to BurpSuite's scope with all paths.☆16Updated 9 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 3 years ago
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Updated last year
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 5 years ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30Updated 5 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- fast, zero config web endpoint change monitor☆43Updated 5 years ago
- Anvil Secure's Burp extension for signing AWS requests with SigV4☆21Updated last month
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- Router socks. One port socks for all the others.☆69Updated last year
- Given a list of domains, you resolve them and get the IP addresses.☆48Updated 3 years ago
- Bug Bounty Clipboard☆17Updated 5 years ago
- ☆47Updated 4 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Updated 4 years ago
- ☆36Updated 8 months ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Updated 6 years ago
- This is the Go Server that relays all HTTP requests and responses between clients.☆28Updated last year
- A basic proxylogon scanner☆27Updated 4 years ago
- A compilation of network scanning strategies to find vulnerable devices☆73Updated 2 years ago
- a parser + crawler for .DS_Store files exposed publically☆54Updated 2 years ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities☆31Updated 3 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 4 years ago
- asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the …☆26Updated 4 years ago