h3xstream / find-sec-bugsLinks
The FindBugs plugin for security audits of Java web applications and Android applications. (Also work with Scala and Groovy projects)
☆21Updated last year
Alternatives and similar repositories for find-sec-bugs
Users that are interested in find-sec-bugs are comparing it to the libraries listed below
Sorting:
- REST/JSON interface to Burp Suite☆33Updated 4 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- Use burp's JS static code analysis on code from your local system.☆42Updated 8 years ago
- A collection of vulnerable web applications in Node.js to practice security fundamentals☆13Updated 9 years ago
- XXE OOB Exploitation Toolset for Automation☆63Updated 11 years ago
- Deliberately vulnerable web application☆22Updated 8 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- Tainted PhantomJS☆52Updated 9 years ago
- Java Deserialization☆26Updated 8 years ago
- Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.☆33Updated 9 years ago
- Demo Application and Exploit☆35Updated 8 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Updated 8 years ago
- WebBorer is a directory-enumeration tool written in Go.☆44Updated 2 years ago
- Vulnerable Grails application☆43Updated 10 years ago
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆67Updated last year
- Repository for the Deprecated MITRE Capture the Flag scoreboard.☆11Updated 7 years ago
- A Burp Suite extension that starts scanning on requests it sees, and dumps results on standard output☆21Updated 8 years ago
- r2yara - Module for Yara using radare2 information☆35Updated last year
- OAuth plugin for Burp Suite Extender☆42Updated 6 years ago
- Faraday Continuous Scanning☆34Updated 8 years ago
- a dumb protocol-unaware packet fuzzer/replayer☆23Updated 7 years ago
- sniff/log database traffic or actively execute arbitrary queries via TCP injection☆42Updated 9 years ago
- Parallel APK analyzer☆51Updated 8 years ago
- Passive Spider uses search engines to find interesting information about a target domain.☆17Updated 11 years ago
- BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework☆26Updated 8 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- Framework for Automated Security Testing that is Scaleable and Asynchronous built on Microservices☆18Updated 8 years ago
- Python object interface to requests/responses recorded by Burp Suite☆37Updated 5 years ago
- Burp extension that checks for interesting and security headers☆43Updated 4 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago