hisxo / JSpector
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
☆353Updated last year
Alternatives and similar repositories for JSpector:
Users that are interested in JSpector are comparing it to the libraries listed below
- Smart context-based SSRF vulnerability scanner.☆349Updated 2 years ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆240Updated last week
- Local File Inclusion discovery and exploitation tool☆293Updated 2 months ago
- Useful "Match and Replace" burpsuite rules☆342Updated last year
- ☆238Updated 3 years ago
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆254Updated last week
- i will upload more templates here to share with the comunity.☆541Updated 11 months ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆381Updated last year
- Automated Tool for Testing Header Based Blind SQL Injection☆273Updated last year
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…☆360Updated last week
- A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles☆219Updated 5 months ago
- XSS payloads for bypassing WAF. This repository is updating continuously.☆238Updated last year
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆267Updated 11 months ago
- Gotator is a tool to generate DNS wordlists through permutations.☆466Updated 2 years ago
- Automatic Bug finder with buprsuite☆165Updated 2 years ago
- ☆380Updated 3 weeks ago
- A collection oneliner scripts for bug bounty☆174Updated last year
- jsleak is a tool to find secret , paths or links in the source code during the recon.☆521Updated 2 months ago
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆175Updated 6 months ago
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆215Updated 6 months ago
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆170Updated 5 months ago
- This tool use fuuzzing to try to bypass unknown authentication methods, who knows...☆243Updated 7 months ago
- My Priv8 Nuclei Templates☆310Updated 10 months ago
- ☆297Updated 2 years ago
- Never forget where you inject.☆228Updated 2 years ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆353Updated last week
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆363Updated 3 weeks ago
- Enumerate / Dump Docker Registry☆173Updated 11 months ago
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆286Updated last year
- Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templ…☆98Updated last week