dub-flow / sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
☆448Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for sessionprobe
- ☆447Updated 6 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆381Updated 3 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆391Updated last week
- Pen Test Report Generation and Assessment Collaboration☆443Updated last week
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆583Updated 5 months ago
- A RedTeam Toolkit☆385Updated last month
- Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our eight s…☆258Updated this week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆544Updated last week
- Discover new target domains using Content Security Policy☆383Updated this week
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆313Updated 6 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆845Updated 10 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆533Updated 11 months ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆317Updated 11 months ago
- Pentest Report Generator☆377Updated 2 months ago
- Zero-dollar attack surface management tool☆262Updated 7 months ago
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.☆428Updated 2 years ago
- An offensive data enrichment pipeline☆616Updated 2 months ago
- ☆193Updated 6 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆141Updated 2 months ago
- A suite for hunting suspicious targets, expose domains and phishing discovery☆328Updated last month
- ☆217Updated last year
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆562Updated 8 months ago
- Web Security Scanner☆306Updated 6 months ago
- A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.☆262Updated this week
- Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty☆269Updated 5 months ago
- Nuclei templates for honeypots detection.☆194Updated last year
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆275Updated last year
- A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that …☆237Updated 2 years ago
- A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon☆228Updated last year
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitati…☆374Updated 9 months ago