fcavallarin / burp-dom-scanner
Burp Suite's extension to scan and crawl Single Page Applications
☆102Updated last year
Alternatives and similar repositories for burp-dom-scanner:
Users that are interested in burp-dom-scanner are comparing it to the libraries listed below
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆85Updated last year
- ☆87Updated 10 months ago
- Nuclei Templates to reproduce Cracking the lens's Research☆124Updated 3 years ago
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆112Updated last month
- Spring4Shell Burp Scanner☆71Updated 2 years ago
- Endpoints Explorer is a Python script that employs multiple bypass rules to discover sensitive endpoints☆83Updated 9 months ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆58Updated last year
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆53Updated 2 years ago
- tool that generates bypasses for open redirects☆52Updated 2 years ago
- ☆52Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆117Updated last year
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 years ago
- WEB API fuzzing☆24Updated last year
- Web cache poisoning vulnerability scanner.☆64Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆75Updated last year
- ☆34Updated 2 years ago
- All Nuclei Templates☆67Updated 2 weeks ago
- CVE Collection of jQuery UI XSS Payloads☆118Updated 2 years ago
- Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it …☆59Updated 2 years ago
- CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server☆89Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆63Updated last year
- CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.☆48Updated 2 years ago
- The purpose of this repo is to share my research☆14Updated last year
- phpMyAdmin XSS☆116Updated 4 months ago
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆24Updated last year
- bounty collection☆33Updated 6 months ago
- Zimbra RCE simple poc☆65Updated 2 years ago
- BChecks collection for Burp Suite Professional☆93Updated 9 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 3 years ago