A tool that automates the search for IDOR vulnerabilities in web apps and APIs
☆64Jan 18, 2021Updated 5 years ago
Alternatives and similar repositories for apidor
Users that are interested in apidor are comparing it to the libraries listed below
Sorting:
- The IDOR IN works by systematically scanning a target web application and examining various endpoints, parameters, and data access points…☆23Jun 25, 2023Updated 2 years ago
- An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enha…☆15Apr 10, 2025Updated 10 months ago
- ☆12Jul 4, 2024Updated last year
- golang tool to scan domains or single domains with know security issues against xmlrpc☆62Nov 9, 2023Updated 2 years ago
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- Quake Command-Line Application With Golang☆10Jul 20, 2023Updated 2 years ago
- A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headers☆10Oct 2, 2022Updated 3 years ago
- Information gathering tool by Arjun arz☆11Jul 3, 2020Updated 5 years ago
- IDOR bypass fuzz 权限绕过burp 插件 fuzz (shiro 等)☆27Sep 1, 2021Updated 4 years ago
- BurpSuite Extension for performing scan via CLI.☆14Dec 5, 2017Updated 8 years ago
- ☆10Jan 30, 2022Updated 4 years ago
- An x64 binary executing code that's not inside of it.☆17Feb 28, 2023Updated 3 years ago
- Notify is a helper utility written in Go that allows you to post output to multiple platforms.☆18May 27, 2022Updated 3 years ago
- SendToXray - Burp Suite Extender, Send HTTP request to XRAY proxy.☆11May 22, 2021Updated 4 years ago
- A very vulnerable implementation of a GraphQL API.☆61Nov 12, 2021Updated 4 years ago
- Quick Repo for any Bug Hunter☆15May 19, 2021Updated 4 years ago
- BigBlueButton versions lower than 2.2.4 have a LFI vulnerability allowing access to sensitive files. 🚨☆14Apr 23, 2020Updated 5 years ago
- ☆13Apr 26, 2016Updated 9 years ago
- ☆13Oct 15, 2018Updated 7 years ago
- A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau☆12Jun 28, 2021Updated 4 years ago
- A collection of http fuzzing python scripts to fuzz HTTP servers for bugs.☆16Oct 1, 2023Updated 2 years ago
- ☆13Jul 12, 2021Updated 4 years ago
- A simple tool which makes creating nuclei templates even easier.☆37Jun 23, 2024Updated last year
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- Somewhat Reliable PoC Exploit for CVE-2022-36804 (BitBucket Critical Command Injection)☆16Nov 23, 2023Updated 2 years ago
- ☆16Jun 23, 2024Updated last year
- Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager☆15Jan 21, 2023Updated 3 years ago
- POC MS15-034☆33Apr 28, 2015Updated 10 years ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- Articles accumulated by the 360Quake team.☆15Jun 18, 2021Updated 4 years ago
- ☆42Jul 14, 2021Updated 4 years ago
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- ☆16Apr 21, 2023Updated 2 years ago
- Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…☆294Sep 2, 2025Updated 6 months ago
- URL Fuzzer☆20Nov 22, 2024Updated last year
- jmreport/qurestSql 未授权SQL注入批量扫描poc Jeecg-Boot是一款基于Spring Boot和Jeecg-Boot-Plus的快速开发平台,最新的jeecg-boot 3.5.0 中被爆出多个SQL注入漏洞。☆21Jun 20, 2023Updated 2 years ago
- A tool for auditing medical devices and healthcare infrastructure☆22Dec 28, 2025Updated 2 months ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Mar 18, 2023Updated 2 years ago
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago