detectify / ugly-ducklingLinks
Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
☆188Updated 3 years ago
Alternatives and similar repositories for ugly-duckling
Users that are interested in ugly-duckling are comparing it to the libraries listed below
Sorting:
- Weaponizing Live CT logs for automated monitoring of assets☆134Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆87Updated last year
- ASN reconnaissance script☆132Updated last year
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆205Updated 2 years ago
- A blazing fast & feature rich Amazon S3 bucket enumerator.☆99Updated 3 years ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆136Updated 5 years ago
- ☆69Updated 3 years ago
- Custom scripts for the PIPER Burp extensions.☆98Updated 2 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆175Updated 3 years ago
- DNS and Target HTTP History Local Storage and Search☆64Updated 4 years ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆163Updated 2 years ago
- Retrieve the complete build history for every job ever created and executed on a given Jenkins instance.☆67Updated 5 months ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Updated 3 months ago
- Prototype pollution scanner using headless chrome☆219Updated 3 years ago
- xss development frameworks, with the goal of making payload writing easier.☆149Updated last year
- Clientside vulnerability / reflected xss fuzzer☆149Updated 2 years ago
- Pentesting/Bugbounty Dockerfiles.☆177Updated 4 years ago
- ☆73Updated 3 years ago
- A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate☆212Updated last year
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Updated 4 years ago
- A reverse whois tool based on Whoxy API.☆167Updated last year
- Searching for virtual hosts among non-resolvable domains☆88Updated 5 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆150Updated last year
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆191Updated 3 years ago
- ☆108Updated 5 years ago
- Tools to assess the DNS security of web applications☆128Updated 3 years ago
- ☆72Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆299Updated 2 years ago
- ☆44Updated 5 years ago
- Scripts to help with different ffuf tasks and workflows☆222Updated last year