brinhosa / apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
☆303Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for apidetector
- Nuclei AI - Browser Extension for Rapid Nuclei Template Generation☆448Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆248Updated 6 months ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆275Updated last year
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆313Updated 6 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆543Updated this week
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆338Updated this week
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆252Updated 7 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆141Updated last month
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆163Updated 2 months ago
- ☆193Updated 6 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆246Updated 7 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆155Updated last week
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆50Updated 6 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆390Updated last week
- Smart context-based SSRF vulnerability scanner.☆347Updated 2 years ago
- Fuzz 401/403/404 pages for bypasses☆253Updated 3 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆381Updated 3 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆317Updated 9 months ago
- Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our eight s…☆255Updated this week
- Black box fuzzer for web applications☆404Updated 4 months ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty☆186Updated 4 months ago
- ☆196Updated 4 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆533Updated 11 months ago
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆429Updated last month
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆342Updated last year
- Session Hijacking Visual Exploitation☆194Updated 8 months ago
- Search for sensitive data in Postman public library.☆184Updated 3 months ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆562Updated 7 months ago
- NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications☆312Updated 4 months ago
- 😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.☆101Updated 8 months ago