chennylmf / OWASP-Web-App-Pentesting-checklists
☆71Updated 4 years ago
Alternatives and similar repositories for OWASP-Web-App-Pentesting-checklists:
Users that are interested in OWASP-Web-App-Pentesting-checklists are comparing it to the libraries listed below
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- AWS S3 open bucket poc automated script.☆57Updated 3 years ago
- Suite of programs meant to aid in bug hunting and security assessments☆77Updated 5 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆103Updated 4 years ago
- Script to test open Akamai ARL vulnerability.☆71Updated 3 years ago
- Penetration Testing Checklist☆35Updated 4 years ago
- Takeover AWS ips and have a working POC for Subdomain Takeover.☆90Updated last month
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆131Updated 4 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- Misc bounty and vulndisc things☆84Updated 4 years ago
- ☆76Updated 4 years ago
- ☆59Updated 8 months ago
- ☆61Updated 7 months ago
- ☆48Updated 4 years ago
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆68Updated 4 years ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Updated 4 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆75Updated 2 years ago
- Reestructured LemonBooster.☆47Updated 7 months ago
- Weaponizing Live CT logs for automated monitoring of assets☆133Updated 3 years ago
- jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.☆67Updated 5 years ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆99Updated 3 years ago
- Searching for virtual hosts among non-resolvable domains☆87Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆87Updated 5 months ago
- Simple fork from degoogle original project with bug hunting purposes☆87Updated 2 years ago
- A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected host☆42Updated 4 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆58Updated 3 years ago
- Recon Custom WordList Ganerator☆57Updated 4 years ago
- ☆17Updated 3 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆60Updated 6 years ago