bl4de / dictionaries
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
☆239Updated 11 months ago
Alternatives and similar repositories for dictionaries:
Users that are interested in dictionaries are comparing it to the libraries listed below
- HTTP file upload scanner for Burp Proxy☆488Updated last year
- Another way to bypass WAF Cheat Sheet (draft)☆422Updated 6 years ago
- Pentest/BugBounty progress control with scanning modules☆281Updated 4 years ago
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆214Updated 6 months ago
- simple script to extract all web resources by means of .SVN folder exposed over network.☆463Updated last year
- Scan Victim Backup Directories & Backup Files☆178Updated last year
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆721Updated 5 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆275Updated 4 years ago
- A mini webserver with FTP support for XXE payloads☆330Updated last year
- Automated blind-xss search for Burp Suite☆283Updated 5 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆295Updated 5 years ago
- HTTP file upload scanner for Burp Proxy☆406Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆625Updated last year
- A Go implementation of dirsearch.☆280Updated 3 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆602Updated last year
- Python tool to find potential Server Side Reqest Forgery (SSRF) vulnerability parameters.☆319Updated 2 weeks ago
- Common Web Managers Fuzz Wordlists☆172Updated last month
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆313Updated last year
- Take a list of domains/subdomains and probe for working http/https server.☆188Updated 4 years ago
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆297Updated 5 years ago
- Payloads for CRLF Injection☆222Updated 6 months ago
- this contain the burp pack☆206Updated 8 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆777Updated last year
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆529Updated 6 years ago
- SSLScrape | A scanning tool for scaping hostnames from SSL certificates.☆332Updated 3 years ago
- Bugbounty scope tool☆328Updated last month
- A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by caus…☆433Updated 2 weeks ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆346Updated 3 years ago
- XXE Out of Band Server.☆170Updated last year
- Second-order subdomain takeover scanner☆387Updated 2 years ago