cve-search / git-vuln-finderView external linksLinks
Finding potential software vulnerabilities from git commit messages
☆419Oct 7, 2023Updated 2 years ago
Alternatives and similar repositories for git-vuln-finder
Users that are interested in git-vuln-finder are comparing it to the libraries listed below
Sorting:
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- ☆92Dec 8, 2022Updated 3 years ago
- DOM XSS scanner for Single Page Applications☆417Nov 15, 2025Updated 3 months ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆250Apr 27, 2020Updated 5 years ago
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆173Nov 11, 2020Updated 5 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆645Feb 21, 2024Updated last year
- FockCache - Minimalized Test Cache Poisoning☆111Feb 3, 2020Updated 6 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,546Mar 7, 2024Updated last year
- Security tool (now AI powered 🤖) to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆354Updated this week
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,731Updated this week
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,770Apr 26, 2024Updated last year
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Sep 19, 2019Updated 6 years ago
- Take a list of domains/subdomains and probe for working http/https server.☆192Sep 8, 2020Updated 5 years ago
- The Swiss Army knife for automated Web Application Testing☆2,324May 8, 2024Updated last year
- Local file inclusion exploitation tool☆925Oct 1, 2025Updated 4 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,479Sep 4, 2025Updated 5 months ago
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.☆1,397Updated this week
- Burp Suite extension to discover assets from HTTP response.☆231Jan 22, 2025Updated last year
- vulnerable single sign on☆150Aug 1, 2024Updated last year
- Client Side Prototype Pollution Scanner☆524Sep 17, 2022Updated 3 years ago
- Security Testing Scripts for JWT☆327Jun 30, 2022Updated 3 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆674Jan 28, 2024Updated 2 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆173Nov 17, 2021Updated 4 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- A tool to automate the boring process of APK recon☆346Sep 30, 2022Updated 3 years ago
- This tool can be used to brute discover GET and POST parameters☆1,390Aug 24, 2019Updated 6 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆361Mar 6, 2025Updated 11 months ago
- gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, G…☆2,244Jun 10, 2025Updated 8 months ago
- FestIn - Open S3 Bucket Scanner☆231Dec 4, 2020Updated 5 years ago
- A collection of tools to perform searches on GitHub.☆1,464Feb 9, 2023Updated 3 years ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 2 months ago
- Notes about attacking Jenkins servers☆2,090Jul 10, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,484Oct 12, 2024Updated last year