evilc0deooo/SwaggerHound

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/evilc0deooo/SwaggerHound)

evilc0deooo / SwaggerHound

自动化检测 Swagger API 接口未授权访问漏洞工具

☆62

Alternatives and similar repositories for SwaggerHound

Users that are interested in SwaggerHound are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Scorcsoft / forBy
View on GitHub
一款图形化的 .DS_Store文件泄露、.git目录泄露、.svn目录泄露漏洞利用工具。
☆98Mar 26, 2025Updated last year
zg-sec / PHP_FileUpload
View on GitHub
PHP文件上传50+绕过手法全景解析
☆17Mar 16, 2025Updated last year
mhtsec / ChromeDomainInfo
View on GitHub
查询当前网页域名备案以及seo，以及对应的企业信息的谷歌浏览器插件
☆18Feb 10, 2025Updated last year
hackerchuan1 / Unauthorized_VUl
View on GitHub
一款最全未授权访问漏洞批量检测工具，集成40+常见未授权访问漏洞。
☆35Jul 4, 2025Updated 9 months ago
LuckyRiver99 / fscanDC
View on GitHub
fscan结果优化，更新DC域筛选
☆10Nov 21, 2023Updated 2 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
mhtsec / Docker-Registry-exp
View on GitHub
一款功能强大的Docker Registry 5000端口未授权浏览、下载和安全测试工具，集成了镜像管理、认证爆破、敏感信息搜索等多项实用功能。
☆35Nov 6, 2025Updated 5 months ago
TFour123 / Webpack_Insight
View on GitHub
用于提取Webpack打包的未加载的JavaScript文件，并扫描这些文件以查找敏感信息。
☆40Sep 17, 2025Updated 7 months ago
N-Next / URLFinder-x
View on GitHub
优化后的URLFinder，可以通过自定义的正则表达式，对页面中的各类敏感信息提取
☆152Jan 20, 2025Updated last year
DeEpinGh0st / JDumpSpiderGUI
View on GitHub
JDumpSpiderGUI 是一个用于 Java 堆转储文件分析的工具，支持命令行和 JavaFX 图形界面两种模式。该工具主要是在原工具上添加了图形化的界面
☆159May 5, 2025Updated 11 months ago
Bbdolt / SeeMore
View on GitHub
漏洞挖掘小工具，用于发现页面中的隐藏可点击元素
☆84Jun 4, 2025Updated 10 months ago
BushANQ / Get_AV
View on GitHub
在线安软识别
☆12Aug 6, 2025Updated 8 months ago
R4gd0ll / ruoyi-4.8.0-RCE
View on GitHub
若依4.8.0后台RCE
☆27May 21, 2025Updated 11 months ago
youki992 / YonYouNCPocTool
View on GitHub
用友NC漏洞批量检测工具，支持POC显示、单一检测、批量检测、结果导出、AI交互等
☆46Sep 8, 2025Updated 7 months ago
mk4no1 / SwaggerAH
View on GitHub
SwaggerGan
☆106Nov 18, 2025Updated 5 months ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
iSee857 / CVE-PoC
View on GitHub
☆43Mar 10, 2026Updated last month
blackguest007 / mitmproxy-gui
View on GitHub
用于解决渗透测试加解密的难题，让你的burp像测试明文这么简单
☆84Aug 10, 2025Updated 8 months ago
Chave0v0 / API-Highlighter
View on GitHub
API Highlighter 是一个用于 BurpSuite 的插件，主要用于 web 应用迭代安全测试时高亮指定的新增接口，该插件最初用 Python 编写，现重构为 Java 版本。
☆42Feb 19, 2025Updated last year
lizhianyuguangming / TomcatScanPro
View on GitHub
tomcat自动化漏洞扫描利用工具，支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938/CNVD-2020-10487 文件包含
☆288Apr 6, 2025Updated last year
0x7556 / wolfshell
View on GitHub
金刚狼：首款支持AI渗透的WebShell MCP，首款支持多层内网级联的ASPX、ASHX高级WebShell管理工具，AES加密通信，无需代理，内存加载渗透工具，无文件落地隐蔽渗透目标，动态代码执行，ShellCode加载(Metasploit/Cobalt Strik…
☆207Apr 7, 2026Updated 3 weeks ago
CompassSecurity / jwt-scanner
View on GitHub
JWT-scanner Burp Extension
☆62May 12, 2025Updated 11 months ago
SharpKean / Burp_TLA
View on GitHub
Burp插件 TLA Watcher：分为两个模块：流量管理模块、扩展功能模块（脆弱风险检测）
☆39Nov 13, 2025Updated 5 months ago
238469 / burp-finger
View on GitHub
Finger 是一款专为 Burp Suite 打造的模块化指纹识别插件，旨在通过被动流量监控与智能主动探测，快速识别目标站点的技术栈（CMS、框架、中间件、API 接口及敏感路径泄露）
☆30Apr 13, 2026Updated 2 weeks ago
pap1rman / JNDIExploit-modify
View on GitHub
对原版JNDIExploit进行修改增加线程和JMX注入内存马
☆17Apr 23, 2025Updated last year
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
xsshim / GzWebsocket
View on GitHub
哥斯拉webshell管理工具的插件，用于连接websocket型webshell
☆183Apr 17, 2024Updated 2 years ago
winezer0 / APIFinderPlus
View on GitHub
目标是成为当下最完善的API挖掘工具，实现自动提取响应敏感信息、URI信息，并且对URI进行自动|手动递归检查
☆257Aug 16, 2025Updated 8 months ago
youki992 / ShiningZ
View on GitHub
"闪紫"（英文名shiningZ）社工字典生成工具，支持ABC自定义排列组合、ABC列字典AI扩展、AI提示词联想字典、自定义AI提示、字典去重、结果导出等
☆33Oct 27, 2025Updated 6 months ago
abc123info / ysoserial_JDK1.5
View on GitHub
分享ABC_123自己改造的ysoserial工具，java反序列化漏洞利用，生成的java反序列化利用链支持jdk1.5版本的老旧系统的利用。
☆58Mar 16, 2025Updated last year
mumu0215 / api_checker
View on GitHub
burpsuit插件，解析swagger/openapi接口文档并进行请求，模拟参数方便渗透测试人员快速发现可用接口 (最新使用源码编译，release有时候没空搞)
☆42Oct 23, 2025Updated 6 months ago
s1null / GhostEye
View on GitHub
为渗透测试而生的ssh面板
☆73Mar 15, 2025Updated last year
cws001 / swagger-exp-knife4j
View on GitHub
一款基于Knife4j 的 Swagger 接口自动化测试未授权工具
☆128Apr 29, 2024Updated 2 years ago
LinBeiPolaris / PolarisScan
View on GitHub
一款Google信息收集插件，包含域名，map，js等文件提取
☆24Apr 5, 2025Updated last year
Qiufen22 / sqlmap_gui
View on GitHub
sqlmap_gui是一款图形界面化的 SQL 注入漏洞测试工具
☆38Mar 28, 2025Updated last year
Managed Kubernetes at scale on DigitalOcean • Ad
DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
P001water / P1soda
View on GitHub
一款渗透场景下的内网漏洞自动化扫描工具
☆370Jun 8, 2025Updated 10 months ago
yuyan-sec / druid_sessions
View on GitHub
获取 alibaba druid 一些 sessions , sql , urls
☆324Apr 4, 2025Updated last year
0x7556 / 1Scan
View on GitHub
Hacking Scanner 一键渗透扫描器
☆31Feb 9, 2025Updated last year
w-sega / Burp_URLReplayer
View on GitHub
URLReplayer是一个burp插件，一个用于自动化 API 接口提取、参数解析及批量验证的 Burp Suite 插件。旨在从 HTTP 响应中快速挖掘未公开的 API 端点并进行有效性测试。
☆41Jan 15, 2026Updated 3 months ago
pureqh / Hyacinth
View on GitHub
一款java漏洞集合工具
☆1,117Jan 13, 2026Updated 3 months ago
kk12-30 / ruoyi-Vue-tools
View on GitHub
若依Vue漏洞检测工具
☆258May 23, 2025Updated 11 months ago
LMcream / DD-security-tool
View on GitHub
一款集成多种安全功能的工具箱，旨在帮助用户快速进行威胁情报查询、网络排查、主机信息分析、主机日志分析、IP类处理等相关操作
☆86Apr 29, 2025Updated last year