doyensec / wsreplLinks
WebSocket REPL for pentesters
☆233Updated last year
Alternatives and similar repositories for wsrepl
Users that are interested in wsrepl are comparing it to the libraries listed below
Sorting:
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆165Updated 3 months ago
- A GraphQL enumeration and extraction tool☆134Updated 3 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆311Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆165Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆148Updated last year
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆68Updated last year
- HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy + Exploit Timing Attacks☆211Updated last week
- ☆92Updated 2 months ago
- FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily bui…☆174Updated 3 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆187Updated last year
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆282Updated 4 months ago
- An experimental high-performance DNS query bruteforce tool built with AF_XDP for extremely fast and accurate bulk DNS lookups.☆247Updated 7 months ago
- A tool to inspect and attack version 1 GUIDs☆239Updated 3 years ago
- unleashed ffuf☆238Updated 3 months ago
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆179Updated 3 weeks ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆103Updated 5 months ago
- Burp HTTP history browser (bhhb) - A tool to view HTTP history exported from Burp Suite Community Edition☆130Updated last year
- Unicode characters that will translate a single character to multiple characters in domain names or TLD's☆50Updated last year
- A streamlined tool for discovering private TLDs for security research.☆239Updated this week
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆103Updated 6 months ago
- Web dashboard for Interactsh client☆238Updated 3 weeks ago
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆225Updated 6 months ago
- ☆154Updated 2 years ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆113Updated 8 months ago
- Session Hijacking Visual Exploitation☆210Updated last year
- Obtain GraphQL API schema despite disabled introspection!☆72Updated 4 years ago
- gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications (Official BApp Extension Available)☆245Updated 3 months ago
- ☆173Updated 5 months ago
- Filter and enrich a list of subdomains by level☆210Updated 2 years ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆151Updated 10 months ago