dwisiswant0 / ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
☆568Updated last year
Related projects: ⓘ
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆488Updated 2 years ago
- HTTP Request Smuggling Detection Tool☆464Updated 8 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆853Updated 3 months ago
- Fetches javascript file from a list of URLS or subdomains.☆735Updated last year
- ☆368Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆772Updated 2 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆351Updated 2 years ago
- Accept URLs on stdin, replace all query string values with a user-supplied value☆745Updated last year
- Gotator is a tool to generate DNS wordlists through permutations.☆445Updated 2 years ago
- Http request smuggling vulnerability scanner☆223Updated 2 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆287Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆39Updated 4 months ago
- A tool to check a bunch of URLs that contain reflecting params.☆526Updated last month
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆443Updated 8 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆608Updated 5 months ago
- A fuzzer for detecting open redirect vulnerabilities☆691Updated 2 months ago
- Go client to communicate with Chaos DB API.☆621Updated this week
- declutters url lists for crawling/pentesting☆1,114Updated 3 months ago
- ☆384Updated 3 years ago
- Scan only once by IP address and reduce scan times with Nmap for large amounts of data.☆383Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆523Updated 9 months ago
- ☆332Updated 4 months ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆388Updated 3 weeks ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆701Updated 3 years ago
- 🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast c…☆753Updated 3 months ago
- Default signature for Jaeles Scanner☆319Updated 2 years ago
- Scrape domain names from SSL certificates of arbitrary hosts☆596Updated 5 months ago
- Black box fuzzer for web applications☆395Updated 2 months ago
- ☆527Updated 9 months ago
- Smart context-based SSRF vulnerability scanner.☆323Updated 2 years ago