Alternatives and similar repositories for wsrepl

Users that are interested in wsrepl are comparing it to the libraries listed below

• d0ge / sign-saboteur
  SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
  ☆161Updated 7 months ago
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆270Updated 4 months ago
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆302Updated last year
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆131Updated 2 years ago
• usdAG / FlowMate
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆162Updated 8 months ago
• intruder-io / guidtool
  A tool to inspect and attack version 1 GUIDs
  ☆227Updated 2 years ago
• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆165Updated 11 months ago
• Invicti-Security / brainstorm
  A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
  ☆315Updated 7 months ago
• AethliosIK / reset-tolkien
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆146Updated 7 months ago
• c3l3si4n / pugdns
  An experimental high-performance DNS query bruteforce tool built with AF_XDP for extremely fast and accurate bulk DNS lookups.
  ☆216Updated last week
• adityatelange / bhhb
  Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community Edition
  ☆125Updated 8 months ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆147Updated last year
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆95Updated last year
• daffainfo / all-about-apikey
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆276Updated last year
• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆224Updated last month
• PortSwigger / js-miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆68Updated last year
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆182Updated 2 years ago
• securebinary / firebaseExploiter
  FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily bui…
  ☆162Updated 2 years ago
• doyensec / Session-Hijacking-Visual-Exploitation
  Session Hijacking Visual Exploitation
  ☆201Updated last year
• nxenon / h2spacex
  HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks
  ☆183Updated last month
• trufflesecurity / of-CORS
  ☆152Updated last year
• google / protobuf-extensibility-for-burp
  ☆86Updated last year
• doyensec / CSPTPlayground
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆128Updated 3 months ago
• usdAG / cstc
  CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
  ☆238Updated last week
• avlidienbrunn / archivealchemist
  Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
  ☆131Updated last week
• six2dez / obsidian-pentesting-vault
  Sample Obsidian's vault for web pentesting
  ☆97Updated 11 months ago
• devploit / debugHunter
  Discover hidden debugging parameters and uncover web application secrets
  ☆240Updated last year
• trickest / dsieve
  Filter and enrich a list of subdomains by level
  ☆207Updated last year
• dhn / udon
  A simple tool that helps to find assets/domains based on the Google Analytics ID.
  ☆176Updated 6 months ago
• y0k4i-1337 / clairvoyancex
  Obtain GraphQL API schema despite disabled introspection!
  ☆68Updated 4 years ago