IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.
☆220Sep 25, 2025Updated 5 months ago
Alternatives and similar repositories for IDOR-Forge
Users that are interested in IDOR-Forge are comparing it to the libraries listed below
Sorting:
- A passive way to find backups/ sensitive information.☆87Jul 10, 2025Updated 7 months ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆43Feb 24, 2025Updated last year
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET…☆63Feb 22, 2025Updated last year
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…☆56Feb 2, 2025Updated last year
- Grep subdomains from web pages.☆42Feb 10, 2025Updated last year
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆55Nov 21, 2025Updated 3 months ago
- ☆23Mar 22, 2025Updated 11 months ago
- best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect☆1,524Dec 7, 2025Updated 2 months ago
- Passive Web Vulnerability Detection Tool☆37May 5, 2025Updated 9 months ago
- n8n workflows related to bug bounty☆46Oct 27, 2025Updated 4 months ago
- ☆14Nov 8, 2024Updated last year
- dnsprober is a fast and multipurpose DNS reconnaissance tool designed for efficient DNS probing and enumeration. It supports multiple DNS…☆35Jun 23, 2025Updated 8 months ago
- Automation tool to testing and confirm the xss vulnerability.☆306Jul 18, 2025Updated 7 months ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆75Jan 6, 2026Updated last month
- Grab form parameters easily☆14Dec 11, 2024Updated last year
- ☆39Jul 1, 2025Updated 8 months ago
- ☆13Oct 24, 2024Updated last year
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆125Dec 17, 2024Updated last year
- CrlfiX☆21Jan 30, 2025Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆309Mar 31, 2024Updated last year
- Fback is a tool that helps you create target-specific wordlists using a .json pattern.☆63Nov 21, 2025Updated 3 months ago
- AI-powered ffuf wrapper☆646Dec 4, 2025Updated 2 months ago
- Header Exploitation HTTP☆711Updated this week
- Automate Recon XSS Bug Bounty☆178Jan 18, 2026Updated last month
- Robofinder retrieves historical #robots.txt files from #Archive.org, allowing you to collect old directories and paths for any domain whi…☆232Nov 21, 2025Updated 3 months ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆559Mar 8, 2025Updated 11 months ago
- Nuclei-AI-Prompts☆354Jun 22, 2025Updated 8 months ago
- CVE-2025-4123 - Grafana Tool☆30Jun 4, 2025Updated 8 months ago
- ☆477Aug 21, 2025Updated 6 months ago
- Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withou…☆39Oct 23, 2023Updated 2 years ago
- List of Directory Traversal/LFI Payloads Scraped from the Internet☆183Feb 10, 2025Updated last year
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆45Mar 24, 2025Updated 11 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆334Oct 25, 2025Updated 4 months ago
- jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying se…☆489Jan 22, 2026Updated last month
- Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.☆29Nov 7, 2023Updated 2 years ago
- Unauthorized Access to Metadata and User Data like CTF☆28Nov 30, 2024Updated last year
- Search for all leaked keys/secrets using one regex! bugbounty☆183Mar 29, 2025Updated 11 months ago
- A command-line utility for auditing DNS configuration using Zonemaster API☆32Aug 21, 2023Updated 2 years ago