dub-flow / sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
☆447Updated 10 months ago
Alternatives and similar repositories for sessionprobe:
Users that are interested in sessionprobe are comparing it to the libraries listed below
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆436Updated this week
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆616Updated 8 months ago
- ☆467Updated 9 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆401Updated 3 weeks ago
- A RedTeam Toolkit☆395Updated 3 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆585Updated 3 months ago
- Pen Test Report Generation and Assessment Collaboration☆462Updated this week
- ☆236Updated 3 weeks ago
- An offensive data enrichment pipeline☆659Updated 2 weeks ago
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbit…☆334Updated last week
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆335Updated 2 months ago
- Pentest Report Generator☆394Updated this week
- AI-powered ffuf wrapper☆289Updated 2 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆622Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆857Updated last year
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆330Updated last year
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆229Updated last year
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆172Updated 5 months ago
- Zero-dollar attack surface management tool☆270Updated 10 months ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆578Updated 11 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated last month
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.☆661Updated 4 months ago
- A library for detecting known secrets across many web frameworks☆588Updated this week
- Attack surface detector that identifies endpoints by static analysis☆656Updated this week
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆320Updated 3 months ago
- ☆260Updated last year
- Nuclei templates for honeypots detection.☆196Updated last year
- Find CVEs associated to Linux and public exploits on github☆117Updated last year
- ☆420Updated 5 months ago
- ☆197Updated 9 months ago