dub-flow / sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
☆446Updated 11 months ago
Alternatives and similar repositories for sessionprobe:
Users that are interested in sessionprobe are comparing it to the libraries listed below
- Pen Test Report Generation and Assessment Collaboration☆469Updated last week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆405Updated last month
- ☆472Updated 10 months ago
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆620Updated 9 months ago
- AI-powered ffuf wrapper☆301Updated 3 months ago
- An offensive data enrichment pipeline☆668Updated last month
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆601Updated 3 months ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆339Updated 3 months ago
- A RedTeam Toolkit☆394Updated 4 months ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆331Updated last year
- Find CVEs associated to Linux and public exploits on github☆117Updated last year
- Pentest Report Generator☆396Updated this week
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbit…☆362Updated last week
- ☆218Updated 8 months ago
- Nuclei templates for honeypots detection.☆196Updated last year
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆665Updated this week
- Halberd : Multi-Cloud Attack Platform☆250Updated last week
- Websec interview questions by tib3rius answered☆306Updated last year
- ☆237Updated last month
- Zero-dollar attack surface management tool☆275Updated 10 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆624Updated last year
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.☆667Updated 4 months ago
- 💀 Don't fear the Reaper 👻☆470Updated this week
- Discover new target domains using Content Security Policy☆398Updated this week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆283Updated last year
- A streamlined tool for discovering private TLDs for security research.☆180Updated this week
- Fast and customizable vulnerability scanner For JIRA written in Python☆316Updated 2 months ago
- hauditor is a tool designed to analyze the security headers returned by a web page.☆167Updated 8 months ago
- LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and e…☆347Updated last year
- A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that …☆240Updated 2 years ago