detectify / ugly-ducklingLinks
Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
☆188Updated 3 years ago
Alternatives and similar repositories for ugly-duckling
Users that are interested in ugly-duckling are comparing it to the libraries listed below
Sorting:
- Weaponizing Live CT logs for automated monitoring of assets☆135Updated 3 years ago
- ASN reconnaissance script☆130Updated last year
- ☆69Updated 3 years ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆163Updated 2 years ago
- Bucky (An automatic S3 bucket discovery tool)☆197Updated 3 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆175Updated 3 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆203Updated 2 years ago
- DNS and Target HTTP History Local Storage and Search☆64Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆87Updated 10 months ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆92Updated last month
- ☆71Updated 4 years ago
- Custom scripts for the PIPER Burp extensions.☆98Updated last year
- A blazing fast & feature rich Amazon S3 bucket enumerator.☆98Updated 3 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆179Updated 2 years ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆135Updated 4 years ago
- You can read the writeup on this script here☆193Updated 3 years ago
- ☆72Updated 3 years ago
- Clientside vulnerability / reflected xss fuzzer☆150Updated 2 years ago
- Prototype pollution scanner using headless chrome☆220Updated 3 years ago
- xss development frameworks, with the goal of making payload writing easier.☆147Updated last year
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Updated 4 years ago
- An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.☆213Updated 4 years ago
- Tools to assess the DNS security of web applications☆128Updated 2 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 4 years ago
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆65Updated 4 years ago
- Make concurrent requests with the curl command-line tool☆74Updated 5 years ago
- ☆108Updated 4 years ago
- Searching for virtual hosts among non-resolvable domains☆88Updated 5 years ago
- Python utility to takeover domains vulnerable to AWS NS Takeover☆87Updated 2 years ago
- A script that can resolve an input file of domains and scan them with masscan☆155Updated 4 years ago