A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
☆184Nov 22, 2021Updated 4 years ago
Alternatives and similar repositories for TProxer
Users that are interested in TProxer are comparing it to the libraries listed below
Sorting:
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆256Dec 8, 2021Updated 4 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆615Jan 20, 2021Updated 5 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 3 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆175Oct 26, 2024Updated last year
- Nuclei Templates to reproduce Cracking the lens's Research☆132Jan 8, 2022Updated 4 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆344Dec 31, 2024Updated last year
- Burp Suite Extensions☆12Oct 19, 2021Updated 4 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- Jeeves SQLI Finder☆215May 13, 2022Updated 3 years ago
- Useful "Match and Replace" burpsuite rules☆365Sep 26, 2023Updated 2 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 6 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆953Dec 31, 2021Updated 4 years ago
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)☆289Sep 26, 2023Updated 2 years ago
- Automating XSS using Bash☆362Jan 27, 2026Updated last month
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆225Aug 29, 2024Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆970Dec 8, 2021Updated 4 years ago
- Finding XSS during recon☆273Sep 13, 2022Updated 3 years ago
- ReconMaster contest - scripts used and a write-up☆89Sep 20, 2021Updated 4 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆59Sep 6, 2021Updated 4 years ago
- ☆250May 25, 2021Updated 4 years ago
- ☆299Jul 16, 2022Updated 3 years ago
- TProx is a fast reverse proxy path traversal detector and directory bruteforcer.☆30Sep 16, 2021Updated 4 years ago
- Extract JavaScript files from burp suite project with ease.☆98Feb 19, 2022Updated 4 years ago
- Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.☆112Feb 16, 2022Updated 4 years ago
- Prototype pollution scanner using headless chrome☆218Jul 27, 2022Updated 3 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Jul 22, 2021Updated 4 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆118Jun 17, 2023Updated 2 years ago
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆395Feb 18, 2026Updated last week
- GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.☆102Jul 12, 2025Updated 7 months ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,497Jan 8, 2026Updated last month
- Nuclei Templates - Here you will find the templates I use while hunting☆120Sep 27, 2021Updated 4 years ago
- A repository that includes all the important wordlists used while bug hunting.☆1,379Mar 11, 2023Updated 2 years ago