detectify / ugly-duckling

Related projects ⓘ

Alternatives and complementary repositories for ugly-duckling

• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆102Updated 4 months ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆201Updated last year
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆178Updated 2 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆197Updated 2 years ago
• codingo / bbr
  An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
  ☆205Updated 4 years ago
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆124Updated 4 years ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆263Updated last year
• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆89Updated 7 months ago
• Shivangx01b / CorsMe
  Cross Origin Resource Sharing MisConfiguration Scanner
  ☆169Updated 3 years ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆133Updated 3 years ago
• trufflesecurity / of-CORS
  ☆146Updated last year
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆84Updated last month
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated 2 years ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆296Updated last year
• Santandersecurityresearch / corsair_scan
  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
  ☆122Updated last year
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆168Updated 2 years ago
• brevityinmotion / brevityrecon
  ☆68Updated 2 years ago
• szski / shapeshifter
  GraphQL security testing tool
  ☆117Updated 2 years ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆295Updated this week
• BonJarber / fresh-resolvers
  List of fresh DNS resolvers updated daily
  ☆106Updated last year
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆185Updated 3 months ago
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆205Updated 4 years ago
• NotSoSecure / cloud-service-enum
  ☆232Updated 4 months ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆150Updated last year
• PatrikFehrenbach / amass-tools
  ☆108Updated 4 years ago