google / security-crawl-mazeLinks
Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
☆162Updated last year
Alternatives and similar repositories for security-crawl-maze
Users that are interested in security-crawl-maze are comparing it to the libraries listed below
Sorting:
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆395Updated 7 years ago
- A simple SSRF-testing sheriff written in Go☆327Updated 7 months ago
- Cure53 Browser Security White Paper☆295Updated 7 years ago
- secretz, minimizing the large attack surface of Travis CI☆325Updated 3 years ago
- Application and Service Fingerprinting☆133Updated 2 years ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆221Updated last year
- ☆361Updated 3 months ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆287Updated 4 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆259Updated 3 years ago
- Evenly distributes scanner load across targets☆87Updated last month
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Updated 2 years ago
- Generic SAST Library☆131Updated 6 months ago
- XS-Leaks Wiki☆161Updated 4 months ago
- A Chrome extension static analysis tool to help aide in security reviews.☆154Updated last year
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆111Updated 2 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆138Updated 5 years ago
- Simple "postMessage logger" Chrome extension☆96Updated 5 years ago
- ☆103Updated this week
- An hourly updated list of subdomains gathered from certificate transparency logs☆348Updated 3 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Updated last year
- Predict Mongo ObjectIds☆134Updated 7 years ago
- Burp Suite Extension to monitor new scope☆198Updated 4 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago
- A tiny and cute URL fuzzer☆395Updated 2 years ago
- ☆72Updated 3 years ago
- Unicode Security Guide☆120Updated 7 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆144Updated last year
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆560Updated 2 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago