ettic-team / dnsbin

Related projects: ⓘ

• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆310Updated 5 months ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆479Updated 3 years ago
• mandatoryprogrammer / xsshunter_client
  Correlated injection proxy tool for XSS Hunter
  ☆248Updated last year
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆321Updated 2 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆292Updated 4 years ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆279Updated 2 months ago
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆215Updated 2 years ago
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆364Updated 2 years ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆251Updated 2 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆340Updated 2 years ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated last year
• PortSwigger / collaborator-everywhere
  A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by caus…
  ☆421Updated 9 months ago
• daeken / SSRFTest
  SSRF testing tool
  ☆242Updated last year
• mpgn / ByP-SOP
  🏴‍☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴‍☠️
  ☆196Updated 5 years ago
• cheetz / sslScrape
  SSLScrape | A scanning tool for scaping hostnames from SSL certificates.
  ☆328Updated 3 years ago
• gwen001 / s3-buckets-finder
  Find AWS S3 buckets and test their permissions.
  ☆366Updated last year
• lc / theftfuzzer
  TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  ☆308Updated last year
• projectdiscovery / dnsprobe
  DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplie…
  ☆275Updated 3 years ago
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆215Updated 3 months ago
• mhmdiaa / second-order
  Second-order subdomain takeover scanner
  ☆374Updated last year
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆305Updated 2 years ago
• brannondorsey / whonow
  A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
  ☆619Updated 2 years ago
• jobertabma / transformations
  ☆171Updated last year
• 0ang3el / websocket-smuggle
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆331Updated last month
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆439Updated 5 years ago
• staaldraad / xxeserv
  A mini webserver with FTP support for XXE payloads
  ☆326Updated 8 months ago
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆394Updated 2 months ago
• 0xbharath / censys-enumeration
  A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys
  ☆152Updated last year
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆393Updated 4 years ago