carlospolop / fuzzhttpbypass

Related projects: ⓘ

• hansmach1ne / LFImap
  Local File Inclusion discovery and exploitation tool
  ☆210Updated last month
• Net-hunter121 / API-Wordlist
  ☆233Updated 3 years ago
• pdelteil / BugBountyReportTemplates
  List of reporting templates I have used since I started doing BBH.
  ☆226Updated this week
• 0xElkot / Bug-Bounty-Automation
  ☆107Updated last year
• Th0h0 / autossrf
  Smart context-based SSRF vulnerability scanner.
  ☆323Updated 2 years ago
• Syzik / DockerRegistryGrabber
  Enumerate / Dump Docker Registry
  ☆156Updated 5 months ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆176Updated 3 months ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆196Updated 2 years ago
• root-tanishq / userefuzz
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆369Updated last year
• Karmaz95 / crimson
  Web Application Security Testing Tools
  ☆230Updated 6 months ago
• mlcsec / headi
  Customisable and automated HTTP header injection
  ☆224Updated 2 months ago
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆445Updated 2 years ago
• xnl-h4ck3r / knoxnl
  This is a python wrapper around the amazing KNOXSS API by Brute Logic
  ☆207Updated 4 months ago
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆228Updated 2 years ago
• hisxo / JSpector
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆342Updated last year
• pdelteil / BugBountyHuntingScripts
  ☆192Updated this week
• d3mondev / burp-vps-proxy
  This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
  ☆236Updated last year
• ferreiraklet / airixss
  Finding XSS during recon
  ☆245Updated 2 years ago
• daffainfo / Oneliner-Bugbounty
  A collection oneliner scripts for bug bounty
  ☆167Updated 5 months ago
• knassar702 / lorsrf
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆287Updated last year
• ameenmaali / urldedupe
  Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
  ☆328Updated 4 years ago
• bp0lr / gauplus
  ☆282Updated 2 years ago
• daffainfo / match-replace-burp
  Useful "Match and Replace" burpsuite rules
  ☆324Updated 11 months ago
• trickest / mkpath
  Make URL path combinations using a wordlist
  ☆170Updated 11 months ago
• SAPT01 / HBSQLI
  Automated Tool for Testing Header Based Blind SQL Injection
  ☆261Updated last year
• sw33tLie / sns
  IIS shortname scanner written in Go
  ☆299Updated last year
• Sn1r / Forbidden-Buster
  A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…
  ☆153Updated 2 weeks ago
• edoardottt / missing-cve-nuclei-templates
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆318Updated this week
• rs-loves-bugs / xsshunter
  ☆150Updated last month
• SirBugs / endext
  EndExt is a .go tool for extracting all the possible endpoints from the JS files
  ☆175Updated 2 months ago