☆1,410Nov 13, 2020Updated 5 years ago
Alternatives and similar repositories for firing-range
Users that are interested in firing-range are comparing it to the libraries listed below
Sorting:
- Browser's XSS Filter Bypass Cheat Sheet☆1,150May 6, 2017Updated 8 years ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,835Nov 10, 2023Updated 2 years ago
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26May 12, 2016Updated 9 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,171May 26, 2023Updated 2 years ago
- htcap is a web application scanner able to crawl single page application (SPA) recursively by intercepting ajax calls and DOM changes.☆626Oct 11, 2021Updated 4 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- Welcome to the XSS Challenge Wiki!☆1,595Jun 24, 2020Updated 5 years ago
- Cross-site request forgery Learning Platform☆21Sep 13, 2014Updated 11 years ago
- ☆2,319Dec 8, 2023Updated 2 years ago
- The Bug Hunters Methodology☆4,260Aug 1, 2023Updated 2 years ago
- The Web Application Vulnerability Scanner Evaluation Project☆241Oct 5, 2022Updated 3 years ago
- A Tool for Domain Flyovers☆5,904May 22, 2022Updated 3 years ago
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,477Jan 9, 2025Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- ☆694Jul 4, 2022Updated 3 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago
- a CMD shell in masm that listens on port 8080☆12Dec 19, 2020Updated 5 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆799Nov 7, 2021Updated 4 years ago
- REST/JSON interface to Burp Suite☆33Oct 12, 2020Updated 5 years ago
- A Python Framework For NoSQL Scanning and Exploitation☆602Dec 6, 2024Updated last year
- Git All the Payloads! A collection of web attack payloads.☆3,908May 15, 2023Updated 2 years ago
- ☆17Oct 5, 2014Updated 11 years ago
- Gryffin is a large scale web security scanning platform.☆2,060Feb 12, 2021Updated 5 years ago
- XSS spider - 66/66 wavsep XSS detected☆1,742Jun 13, 2024Updated last year
- Vulnerability scanner based on vulners.com search API☆885Oct 1, 2025Updated 5 months ago
- HTTPLeaks - All possible ways, a website can leak HTTP requests☆2,100Jan 3, 2026Updated 2 months ago
- Awesome XSS stuff☆5,066Oct 30, 2024Updated last year
- Most advanced XSS scanner.☆14,787Apr 26, 2025Updated 10 months ago
- A modern vulnerable web app☆1,020Mar 11, 2021Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,776Dec 4, 2025Updated 3 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,655Jan 5, 2026Updated 2 months ago
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告☆107Dec 13, 2017Updated 8 years ago
- ☆133Nov 6, 2015Updated 10 years ago
- Automated All-in-One OS Command Injection Exploitation Tool☆5,645Feb 28, 2026Updated last week
- Web application fuzzer☆6,434Jan 21, 2026Updated last month
- This tool can be used to brute discover GET and POST parameters☆1,393Aug 24, 2019Updated 6 years ago
- The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…☆446Aug 7, 2020Updated 5 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 8 years ago
- Web Input Vector Extractor Teaser☆132Jan 6, 2022Updated 4 years ago