cve-search / git-vuln-finder
Finding potential software vulnerabilities from git commit messages
☆398Updated last year
Related projects ⓘ
Alternatives and complementary repositories for git-vuln-finder
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆347Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆296Updated last year
- secretz, minimizing the large attack surface of Travis CI☆321Updated 2 years ago
- ☆175Updated 2 weeks ago
- Tool for catching and logging different types of requests.☆219Updated 4 years ago
- A curated list of awesome browser security learning material.☆130Updated 2 years ago
- ☆656Updated 2 years ago
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…☆188Updated 4 years ago
- A simple SSRF-testing sheriff written in Go☆316Updated 3 weeks ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆356Updated 3 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated 2 years ago
- DNS rebinding toolkit☆250Updated last year
- Grammar-based HTTP/1 fuzzer with mutation ability☆243Updated 3 weeks ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆675Updated last year
- ☆684Updated last year
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆443Updated 5 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆197Updated last year
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆701Updated 3 months ago
- Client Side Prototype Pollution Scanner☆511Updated 2 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆209Updated 3 years ago
- Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.☆589Updated 2 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆121Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆280Updated 4 months ago
- Probe a rendering engine for vulnerabilities and other features☆366Updated 3 years ago
- vulnerable single sign on☆147Updated 3 months ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆307Updated 7 months ago