brinhosa / apidetectorView external linksLinks
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
β363Mar 28, 2025Updated 10 months ago
Alternatives and similar repositories for apidetector
Users that are interested in apidetector are comparing it to the libraries listed below
Sorting:
- πΉ Python project to bruteforce Apache Tomcat manager login with known-default credentialsβ99Mar 12, 2024Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectorsβ90Feb 3, 2024Updated 2 years ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines foβ¦β402Dec 22, 2025Updated last month
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β165Oct 28, 2025Updated 3 months ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headersβ309Mar 31, 2024Updated last year
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hashβ51Oct 12, 2024Updated last year
- The Most Advanced Client-Side Prototype Pollution Scannerβ245Feb 3, 2026Updated last week
- ngrok Collaborator Link β yet another Burp Collaborator alternative for free with ngrok.β114Jan 4, 2024Updated 2 years ago
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applicβ¦β463Mar 28, 2024Updated last year
- Discover hidden debugging parameters and uncover web application secretsβ248Feb 4, 2026Updated last week
- hauditor is a tool designed to analyze the security headers returned by a web page.β176Jul 6, 2024Updated last year
- A Powerful Network Reconnaissance Tool for Security Professionalsβ106Dec 29, 2024Updated last year
- β545Jun 26, 2024Updated last year
- β520Apr 29, 2024Updated last year
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issuesβ373Jul 25, 2023Updated 2 years ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β282Sep 11, 2025Updated 5 months ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domainβ40Feb 6, 2024Updated 2 years ago
- Powershell Scripts for Blue Team membersβ11Dec 1, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.β311May 16, 2024Updated last year
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzingβ143Jun 27, 2023Updated 2 years ago
- The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The β¦β659Sep 19, 2025Updated 4 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ228Updated this week
- RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their suβ¦β34Feb 20, 2024Updated last year
- β91Apr 29, 2024Updated last year
- Clientside vulnerability / reflected xss fuzzerβ149Jul 29, 2023Updated 2 years ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for cβ¦β438Dec 30, 2025Updated last month
- NetProbe: Network Probeβ173Oct 13, 2024Updated last year
- JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targetβ¦β417Jan 31, 2026Updated 2 weeks ago
- Utility to craft HTML or SVG smuggled files for Red Team engagementsβ246Mar 19, 2024Updated last year
- Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environmentβ¦β144May 17, 2024Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.β719Feb 3, 2026Updated last week
- Create tar/zip archives that try to exploit zipslip vulnerability.β48Sep 20, 2024Updated last year
- β124Aug 24, 2025Updated 5 months ago
- γπγA tool used to hunt down API key leaks in JS files and pagesβ836Sep 4, 2025Updated 5 months ago
- Reverse shell that can bypass windows defender detectionβ169Feb 3, 2024Updated 2 years ago
- Source code and examples for PassiveAggressionβ64Jun 6, 2024Updated last year
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,515Jan 15, 2026Updated 3 weeks ago
- Exploit for CVE-2024-3273, supports single and multiple hostsβ13Apr 7, 2024Updated last year
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitatiβ¦β446Jan 25, 2024Updated 2 years ago