darkfiv/QaFuzz

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/darkfiv/QaFuzz)

darkfiv / QaFuzz

☆44

Alternatives and similar repositories for QaFuzz

Users that are interested in QaFuzz are comparing it to the libraries listed below

Sorting:

Darkfi5 / FFuzzApi
View on GitHub
Assist security researchers in identifying threats
☆14Sep 4, 2024Updated last year
ifacker / WIHscan
View on GitHub
ARL 灯塔的 WIH 利用
☆32Jul 2, 2024Updated last year
M1k0er / SSRF-SCAN
View on GitHub
一款被动扫描ssrf的burpsuite插件
☆21Dec 30, 2022Updated 3 years ago
h00klod0er / JSFindAPI
View on GitHub
JSFindAPI是一款自动从html页面中获取js链接，并自动访问js提取js中的api路径，然后自动进行api未授权测试的插件，同时也可被动监听，当访问js时自动提取api进行访问，提取api接口主要根据AJAX，XMLHttpRequest，axios，Vue.js等…
☆30Oct 20, 2025Updated 4 months ago
Deep0 / XSS-Detector
View on GitHub
XSS-Detector是一款基于多线程并发架构的Burp Suite扩展插件，通过精确请求-响应映射机制高效检测Web应用中的XSS漏洞。
☆24Apr 27, 2025Updated 10 months ago
qianxiao996 / BurpSuite-FrameScan
View on GitHub
☆40Nov 25, 2024Updated last year
InsBug / ARLtoAWVS
View on GitHub
ARL与AWVS联动，实现自动化扫描并推送结果
☆20Jul 11, 2024Updated last year
Chave0v0 / AutoFuzz
View on GitHub
AutoFuzz是一款安全测试的辅助型BurpSuite插件，主要用于自动识别请求中的参数，根据预设的payload逐个发包测试，从而提高测试效率。
☆116Jun 2, 2025Updated 9 months ago
KaGty1 / SSRF_Detector
View on GitHub
SSRF_Detector是一款基于Burpsuite MontoyaAPI的黑盒SSRF漏洞自动化检测工具，用于检测无回显&全回显SSRF漏洞，提供了多种功能供用户自定义，包括但不限于关键字配置，Payload配置以及检测字符串配置
☆44Apr 8, 2025Updated 10 months ago
cyberspacesec / go-finger
View on GitHub
GXX是一款强大的指纹识别工具，基于YAML配置的规则进行目标系统识别。本工具支持多种协议（HTTP/HTTPS、TCP、UDP），可进行高效的批量目标扫描和精准识别。
☆30Feb 22, 2026Updated last week
libaibaia / BucketVulTools
View on GitHub
Burpsuite存储桶配置不当漏洞检测插件
☆195Jul 16, 2025Updated 7 months ago
darkfiv / AIFuzzing
View on GitHub
☆169Dec 26, 2025Updated 2 months ago
bingtangbanli / jsfinderPro
View on GitHub
js文件敏感信息内容提取
☆28Aug 22, 2023Updated 2 years ago
eeeeeeeeee-code / AutoFuzzBurp
View on GitHub
各类综合 upload_fuzz,smb_fuzz,tls绕过,被动指纹扫描
☆69Jun 6, 2025Updated 8 months ago
darkfiv / DouSql
View on GitHub
☆224Feb 4, 2026Updated 3 weeks ago
LouisSina / v_jstools
View on GitHub
☆13Oct 6, 2022Updated 3 years ago
r00tSe7en / URLPath
View on GitHub
批量处理url链接，获取多级路径并打印
☆47Jul 12, 2023Updated 2 years ago
handbye / base64encode
View on GitHub
burpsuite POST数据包base64编码插件
☆17Mar 14, 2024Updated last year
Yn8rt / Jssx
View on GitHub
xss漏洞挖掘插件
☆37Feb 6, 2025Updated last year
yingfff123 / MUKI
View on GitHub
Muki is an active asset fingerprinting tool built for red teams — powered by 30,000+ precision signatures, proxy rotation, and intelligen…
☆105Jan 13, 2026Updated last month
polite-007 / Milkyway
View on GitHub
一款全方位扫描工具，具备高效的机器探活，端口探活，协议识别，指纹识别，漏洞扫描等功能
☆391Sep 13, 2025Updated 5 months ago
Bains-sec / BowserSecCheckingTool
View on GitHub
浏览器数据清除脚本，可以检查浏览器中有没有存储特定网址的密码，然后实行数据的清除，主要是用于攻防演练中蓝队防止钓鱼获取浏览器密码。
☆18Jul 8, 2024Updated last year
youki992 / ShiningZ
View on GitHub
"闪紫"（英文名shiningZ）社工字典生成工具，支持ABC自定义排列组合、ABC列字典AI扩展、AI提示词联想字典、自定义AI提示、字典去重、结果导出等
☆31Oct 27, 2025Updated 4 months ago
Lotus6 / AutoRepeater
View on GitHub
Burp插件，自动化挖掘SSRF，Redirect，Sqli漏洞，自定义匹配参数
☆451Sep 10, 2023Updated 2 years ago
code-scan / Goal
View on GitHub
Goal Go Red-Team 工具类
☆44Jan 15, 2025Updated last year
Luci4n555 / ApiFuzzDictionary
View on GitHub
红队API接口Fuzz字典，WEB安全，渗透测试，API，字典
☆86Apr 28, 2024Updated last year
YutuSec / ActiveMQ_Crack
View on GitHub
ActiveMQ系列漏洞探测利用工具，包括ActiveMQ 默认口令漏洞及ActiveMQ任意文件写入漏洞（CVE-2016-3088），支持批量探测利用。
☆19Apr 2, 2022Updated 3 years ago
v9d0g / CVE-2024-43044-POC
View on GitHub
CVE-2024-43044的利用方式
☆20Aug 13, 2024Updated last year
RuoJi6 / cloud-security
View on GitHub
☆16Mar 1, 2024Updated 2 years ago
chasingboy / dirsx
View on GitHub
dirsx 是一款能够自动化过滤扫描结果的目录扫描工具
☆357Nov 18, 2025Updated 3 months ago
SharpKean / Burp_TLA
View on GitHub
Burp插件 TLA Watcher：分为两个模块：流量管理模块、扩展功能模块（脆弱风险检测）
☆39Nov 13, 2025Updated 3 months ago
handbye / RSVmpBypass
View on GitHub
瑞数VMP bypass工具，适用于burpsuite。
☆69Apr 10, 2025Updated 10 months ago
fKzhangsa / FilterJs
View on GitHub
Burp的JS API接口过滤插件
☆127Dec 27, 2023Updated 2 years ago
GrassWorkshop / wxapkg_infosearch
View on GitHub
一款微信小程序源码包信息收集工具，根据已有项目改编
☆24Feb 11, 2025Updated last year
Mosuan / AuditRss
View on GitHub
AuditRss用于监控大佬博客的Rss，然后推送到钉钉
☆19May 22, 2023Updated 2 years ago
Ernket / xia_sql_modify
View on GitHub
瞎注修改版，新增了参数黑名单、返回包列排序、数据包内容自动匹配替换的功能
☆24Mar 19, 2025Updated 11 months ago
TonyD0g / Groundhog
View on GitHub
基于load data逻辑漏洞的Mysql蜜罐
☆23Jul 14, 2025Updated 7 months ago
saoshao / DetSql
View on GitHub
Burp插件，快速探测可能存在SQL注入的请求并标记，提高测试效率
☆743Dec 24, 2025Updated 2 months ago
achenc1013 / xss_scanner_mix
View on GitHub
这是一个全面的Web应用安全扫描工具，专注于检测XSS（跨站脚本）漏洞，同时也能够发现其他类型的Web安全漏洞。该工具支持多种扫描模式、不同级别的有效载荷和详细的漏洞报告。
☆60Mar 13, 2025Updated 11 months ago