gauravnarwani97 / TrishulView external linksLinks
Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vulnerabilities and teach how to exploit them.
☆250Apr 27, 2020Updated 5 years ago
Alternatives and similar repositories for Trishul
Users that are interested in Trishul are comparing it to the libraries listed below
Sorting:
- You can read the writeup on this script here☆192Sep 30, 2021Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Aug 4, 2020Updated 5 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- Subvenkon is a subdomain enumerator from Venkon☆23Jun 22, 2020Updated 5 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆173Nov 11, 2020Updated 5 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,770Apr 26, 2024Updated last year
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Oct 8, 2017Updated 8 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- Trying to make automated recon for bug bounties☆255May 3, 2021Updated 4 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆173Nov 17, 2021Updated 4 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆154Feb 15, 2021Updated 5 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆156Aug 21, 2020Updated 5 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Nov 10, 2025Updated 3 months ago
- ☆38Nov 27, 2020Updated 5 years ago
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆1,028Feb 5, 2021Updated 5 years ago
- Pentest/BugBounty progress control with scanning modules☆281Jul 16, 2020Updated 5 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆277Jan 28, 2025Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,397Sep 13, 2024Updated last year
- Bugbounty scope tool☆332Mar 5, 2025Updated 11 months ago
- Poor (rich?) man's bug bounty pipeline https://dubell.io☆288Apr 24, 2023Updated 2 years ago
- A Colab For Bug Hunting!☆205Jun 28, 2021Updated 4 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆188Aug 3, 2019Updated 6 years ago
- Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…☆51Jun 14, 2020Updated 5 years ago
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆74Nov 5, 2020Updated 5 years ago
- Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.☆40Nov 21, 2025Updated 2 months ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆107Feb 11, 2019Updated 7 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- Take a list of domains/subdomains and probe for working http/https server.☆192Sep 8, 2020Updated 5 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆155Nov 24, 2023Updated 2 years ago
- Quick SQLMap Tamper Suggester☆1,391Jul 18, 2022Updated 3 years ago
- Automating XSS using Bash☆361Jan 27, 2026Updated 2 weeks ago