dub-flow / sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
☆449Updated last year
Alternatives and similar repositories for sessionprobe:
Users that are interested in sessionprobe are comparing it to the libraries listed below
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆411Updated 3 months ago
- ☆486Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆644Updated 3 weeks ago
- Pen Test Report Generation and Assessment Collaboration☆520Updated this week
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆636Updated 11 months ago
- AI-powered ffuf wrapper☆478Updated 5 months ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆351Updated 5 months ago
- Zero-dollar attack surface management tool☆287Updated last year
- An offensive data enrichment pipeline☆674Updated 3 weeks ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆336Updated last year
- ☆239Updated 3 months ago
- Pentest Report Generator☆407Updated this week
- A RedTeam Toolkit☆397Updated last month
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbit…☆483Updated last week
- A suite for hunting suspicious targets, expose domains and phishing discovery☆358Updated 2 weeks ago
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.☆691Updated 6 months ago
- Websec interview questions by tib3rius answered☆308Updated last year
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆329Updated 2 months ago
- ☆312Updated last year
- Find CVEs associated to Linux and public exploits on github☆117Updated 3 weeks ago
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitati…☆411Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆634Updated last year
- SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.☆120Updated 3 months ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆290Updated last year
- Web Security Scanner☆315Updated 11 months ago
- Domain_checker application is the trial/demo version for the new EASM (External Attack Surface Management) system called HydrAttack (hydr…☆187Updated last year
- ☆425Updated 8 months ago
- ☆230Updated 10 months ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆643Updated last year
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆722Updated this week