☆1,410Nov 13, 2020Updated 5 years ago
Alternatives and similar repositories for firing-range
Users that are interested in firing-range are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,917Nov 10, 2023Updated 2 years ago
- Browser's XSS Filter Bypass Cheat Sheet☆1,152May 6, 2017Updated 9 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,177May 26, 2023Updated 3 years ago
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26May 12, 2016Updated 10 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,157Apr 21, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Welcome to the XSS Challenge Wiki!☆1,594Jun 24, 2020Updated 5 years ago
- This novel black-box web vulnerability scanner attempts to infer the state machine of the web application.☆19Mar 12, 2020Updated 6 years ago
- htcap is a web application scanner able to crawl single page application (SPA) recursively by intercepting ajax calls and DOM changes.☆627Oct 11, 2021Updated 4 years ago
- ☆2,324Dec 8, 2023Updated 2 years ago
- Cross-site request forgery Learning Platform☆21Sep 13, 2014Updated 11 years ago
- A Tool for Domain Flyovers☆5,941May 22, 2022Updated 4 years ago
- The Web Application Vulnerability Scanner Evaluation Project☆240Oct 5, 2022Updated 3 years ago
- REST/JSON interface to Burp Suite☆33Oct 12, 2020Updated 5 years ago
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告☆107Dec 13, 2017Updated 8 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,500Jan 9, 2025Updated last year
- The Bug Hunters Methodology☆4,338Aug 1, 2023Updated 2 years ago
- ☆698Jul 4, 2022Updated 3 years ago
- Awesome XSS stuff☆5,113Oct 30, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,496Oct 12, 2024Updated last year
- Web Input Vector Extractor Teaser☆130Jan 6, 2022Updated 4 years ago
- Most advanced XSS scanner.☆14,969Apr 26, 2025Updated last year
- Gryffin is a large scale web security scanning platform.☆2,057Feb 12, 2021Updated 5 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,935Sep 27, 2021Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- a CMD shell in masm that listens on port 8080☆12Dec 19, 2020Updated 5 years ago
- A container repository for my public web hacks!☆2,025Oct 12, 2022Updated 3 years ago
- A modern vulnerable web app☆1,030Mar 11, 2021Updated 5 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,894Dec 4, 2025Updated 5 months ago
- HTTPLeaks - All possible ways, a website can leak HTTP requests☆2,107Jan 3, 2026Updated 4 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,738Jan 5, 2026Updated 4 months ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆801Nov 7, 2021Updated 4 years ago
- A Python Framework For NoSQL Scanning and Exploitation☆602Dec 6, 2024Updated last year
- Vulnerability scanner based on vulners.com search API☆893Oct 1, 2025Updated 7 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Web application fuzzer☆6,507Jan 21, 2026Updated 4 months ago
- XSS spider - 66/66 wavsep XSS detected☆1,739Jun 13, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,395Aug 24, 2019Updated 6 years ago
- Automated All-in-One OS Command Injection Exploitation Tool☆5,742May 16, 2026Updated 2 weeks ago
- Git All the Payloads! A collection of web attack payloads.☆3,949May 15, 2023Updated 3 years ago
- In-depth attack surface mapping and asset discovery☆14,596Apr 17, 2026Updated last month
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,424Mar 26, 2026Updated 2 months ago