hahwul / authz0Links
π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
β421Updated 7 months ago
Alternatives and similar repositories for authz0
Users that are interested in authz0 are comparing it to the libraries listed below
Sorting:
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β642Updated last year
- Fast and customizable vulnerability scanner For JIRA written in Pythonβ320Updated 5 months ago
- Gotator is a tool to generate DNS wordlists through permutations.β480Updated 2 years ago
- Generate tens of thousands of subdomain combinations in a matter of secondsβ270Updated last year
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)β275Updated last year
- mx-takeover focuses DNS MX records and detects misconfigured MX records.β347Updated last year
- β315Updated 2 weeks ago
- Automated learning of regexes for DNS discoveryβ370Updated 2 years ago
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.β447Updated 3 years ago
- Web dashboard for Interactsh clientβ224Updated 3 weeks ago
- Discover new target domains using Content Security Policyβ447Updated this week
- Useful "Match and Replace" burpsuite rulesβ348Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β982Updated last week
- Black box fuzzer for web applicationsβ427Updated 11 months ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.β71Updated last year
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on itβ452Updated last year
- A Security Tool for Enumerating WebSocketsβ352Updated 3 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β870Updated last year
- Smart context-based SSRF vulnerability scanner.β351Updated 3 years ago
- Scrape domain names from SSL certificates of arbitrary hostsβ650Updated last year
- Prototype pollution scanner using headless chromeβ218Updated 2 years ago
- β520Updated 2 years ago
- A projectdiscovery driven attack surface monitoring bot powered by axiomβ182Updated 2 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.β511Updated 3 years ago
- Customisable and automated HTTP header injectionβ253Updated 11 months ago
- Monitoring framework to detect and report newly found subdomains on a specific target using various scanning toolsβ274Updated 11 months ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration testβ¦β384Updated last week
- Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.β315Updated 3 weeks ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β381Updated 3 years ago
- Http request smuggling vulnerability scannerβ227Updated 2 years ago