carlospolop / fuzzhttpbypass
This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
☆209Updated last month
Related projects: ⓘ
- Local File Inclusion discovery and exploitation tool☆210Updated last month
- ☆233Updated 3 years ago
- List of reporting templates I have used since I started doing BBH.☆226Updated this week
- ☆107Updated last year
- Smart context-based SSRF vulnerability scanner.☆323Updated 2 years ago
- Enumerate / Dump Docker Registry☆156Updated 5 months ago
- Build your own reconnaissance system with Osmedeus Next Generation☆176Updated 3 months ago
- Prototype pollution scanner using headless chrome☆196Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆369Updated last year
- Web Application Security Testing Tools☆230Updated 6 months ago
- Customisable and automated HTTP header injection☆224Updated 2 months ago
- Gotator is a tool to generate DNS wordlists through permutations.☆445Updated 2 years ago
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆207Updated 4 months ago
- Burp extension to create target specific and tailored wordlist from burp history.☆228Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆342Updated last year
- ☆192Updated this week
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆236Updated last year
- Finding XSS during recon☆245Updated 2 years ago
- A collection oneliner scripts for bug bounty☆167Updated 5 months ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆287Updated last year
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆328Updated 4 years ago
- ☆282Updated 2 years ago
- Useful "Match and Replace" burpsuite rules☆324Updated 11 months ago
- Make URL path combinations using a wordlist☆170Updated 11 months ago
- Automated Tool for Testing Header Based Blind SQL Injection☆261Updated last year
- IIS shortname scanner written in Go☆299Updated last year
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆153Updated 2 weeks ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆318Updated this week
- ☆150Updated last month
- EndExt is a .go tool for extracting all the possible endpoints from the JS files☆175Updated 2 months ago