alebeta90 / behindflareLinks
This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
☆15Updated 2 years ago
Alternatives and similar repositories for behindflare
Users that are interested in behindflare are comparing it to the libraries listed below
Sorting:
- Clickjacking PoC Generator☆35Updated 4 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆77Updated 5 years ago
- Default plugins for Jaeles Scanner☆35Updated 4 years ago
- fast, zero config web endpoint change monitor☆43Updated 5 years ago
- A program to map out SPF and DKIM records for a large number of domains☆38Updated 10 years ago
- parse ffuf & map endpoints to wordlists☆20Updated 4 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Updated 6 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Updated 5 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Updated last year
- Query various sources for CVE proof-of-concepts☆51Updated 2 years ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30Updated 5 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 3 years ago
- ☆36Updated 7 months ago
- ☆47Updated 4 years ago
- asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the …☆26Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- Static analysis of wordpress plugins☆62Updated 4 years ago
- Database to store previously found subdomains☆65Updated 3 months ago
- URL-encode data streams via commandline☆14Updated 5 years ago
- SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner☆46Updated 5 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 6 years ago
- Turn your VPS into an attack box☆35Updated last year
- All the information provided on this site is for educational purposes only.☆18Updated last year
- ☆50Updated 5 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 4 years ago
- DNS hijacking via dead records automation tool☆53Updated 4 years ago
- Writeup of CVE-2020-15906☆48Updated 4 years ago
- a parser + crawler for .DS_Store files exposed publically☆54Updated 2 years ago
- WebSocket Connection Smuggler☆46Updated 2 years ago