Replay any request as another user to find IDOR/BOLA/BFLA, right in the browser.
☆26Jun 16, 2026Updated 3 weeks ago
Alternatives and similar repositories for authz-replay
Users that are interested in authz-replay are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- My Main App Hacking CheckList☆31Jun 20, 2026Updated 3 weeks ago
- Stealth hybrid URL mapper☆17May 1, 2026Updated 2 months ago
- Open-source passive reconnaissance and exposure discovery tool that leverages VirusTotal and the Wayback Machine to uncover subdomains, U…☆146Jun 23, 2026Updated 3 weeks ago
- BountyLens MCP server — connect Claude Code to your Hunter Tracker☆64Jun 22, 2026Updated 3 weeks ago
- An advanced Out-of-Band and In-Band SSRF fuzzing scanner with dynamic request tracking.☆36Jun 18, 2026Updated 3 weeks ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- AI-Powered Active Directory Attack Platform☆27Jul 3, 2026Updated last week
- Burp Suite extension + port-based highlighter: dedupes HTTP history into a live unique-request feed and color-codes attacker/victim traff…☆18Jul 7, 2026Updated last week
- TokenTwin Checker — Dual Token BAC/IDOR Tester for Burp Suite☆84Jun 28, 2026Updated 2 weeks ago
- This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and …☆23Jun 28, 2024Updated 2 years ago
- A simple HAR-based JavaScript recon automation kit for organizing JS files, endpoints, secrets, and gf-filtered attack surface during bug…☆16May 20, 2026Updated last month
- A curated collection of my security research and bug bounty writeups, documenting real-world vulnerabilities, exploitation methods☆20Jun 29, 2026Updated 2 weeks ago
- ☆47Aug 12, 2025Updated 11 months ago
- A Caido plugin to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆42Apr 8, 2026Updated 3 months ago
- Collection of tools, scripts, one-liners, templates, dorks and more☆12Mar 21, 2026Updated 3 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Collection of documentation, tools, and tips related to vulnerability research.☆94Updated this week
- This is a companion software based on the Acunetix Web Vulnerability Scanner 13 scanning engine.☆10Oct 17, 2020Updated 5 years ago
- All-round bug bounty skill for Claude Code parallelized agents for smart contract audits (EVM, Move, Solana, TRON), web/API security, an…☆174Updated this week
- mattew crawls target websites, extracts hidden attack surface, runs security analysis, fingerprints technology, and generates professiona…☆17Jul 2, 2026Updated last week
- ☆10Oct 30, 2019Updated 6 years ago
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆25Dec 17, 2025Updated 6 months ago
- Bug bounty methodology, checklists, and hunting notes.☆21Updated this week
- ☆16Oct 14, 2022Updated 3 years ago
- A modern HTTP and HTTPS interception proxy with custom-made extensions support.☆127Jun 17, 2026Updated 3 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Phishing scams are more rampant than ever — and I wanted to do something about it. Over the last few weeks, I’ve been working on a proje…☆18Updated this week
- acunetix 13 crack by mtd☆14Feb 29, 2020Updated 6 years ago
- Advanced test for proxy & waf☆14Feb 10, 2026Updated 5 months ago
- PoC for CVE-2026-48907 - Joomla! JCE extension < 2.9.99.5 unauthenticated RCE☆15Jun 11, 2026Updated last month
- NmapView – Nmap XML Report Viewer | Turn Nmap XML into a searchable, portable HTML report for analysis, triage, and pentest reporting.☆27Jul 7, 2026Updated last week
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated 2 months ago
- ☆18May 25, 2026Updated last month
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or …☆31May 4, 2026Updated 2 months ago
- A tool for detecting subdomain takeover vulnerabilities by checking DNS records☆33May 28, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Open-source AI visibility monitoring and analytics. Track how your brand appears across ChatGPT, Perplexity, Google AI Overviews, and oth…☆19Jul 1, 2026Updated last week
- EDRUnChoker - fileless WMI defense that removes EDRChoker QoS throttling policies☆43Jun 8, 2026Updated last month
- ☆15Mar 21, 2025Updated last year
- Unofficial MCP server for accessing your HackerOne reports, programs, scope, and earnings from Claude Code☆40Apr 1, 2026Updated 3 months ago
- A Python tool to resolve domains to IPs, fetch related CVEs, and display open ports☆17Nov 21, 2025Updated 7 months ago
- The malicious IdP you were looking for. A weaponized Single Sign-On (SSO) Identity Provider (IdP) for security testing of OIDC and SAML 2…☆38Jun 6, 2026Updated last month
- ☆16Dec 31, 2024Updated last year