allyomalley / BurpParamFlagger
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.
☆130Updated 3 years ago
Related projects: ⓘ
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆162Updated 3 years ago
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆65Updated 3 years ago
- ☆99Updated this week
- Prototype Pollution Scanner☆99Updated 3 years ago
- Burp Extension that copies a request and builds a FFUF skeleton☆105Updated 11 months ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Updated 9 months ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago
- Searching for virtual hosts among non-resolvable domains☆86Updated 4 years ago
- Get the scope of your bugcrowd programs☆67Updated 3 years ago
- Generates target specific word lists for Fuzzing with fuff☆107Updated 4 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆118Updated 2 years ago
- ☆64Updated last year
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆147Updated last year
- The project aims at creating target-specific wordlists for any web application that you are testing.☆62Updated 2 years ago
- Script to test open Akamai ARL vulnerability.☆70Updated 3 years ago
- Extract JavaScript files from burp suite project with ease.☆76Updated 2 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆93Updated 3 years ago
- Find subdomains and takeovers.☆81Updated last year
- ☆82Updated this week
- Small tool to automate SSRF wordpress and XMLRPC finder☆78Updated last year
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 3 years ago
- A combined wordlists for files and directory discovery☆115Updated 3 years ago
- ☆87Updated 2 years ago
- WordPress Plugin Update Confusion☆66Updated 2 years ago
- Burp Bounty profiles☆82Updated 2 years ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆84Updated 4 years ago
- Misc bounty and vulndisc things☆81Updated 3 years ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆60Updated 10 months ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆115Updated last year
- Wordlist to bruteforce for LFI☆119Updated 4 years ago