Alternatives and similar repositories for burp-wildcard

Users that are interested in burp-wildcard are comparing it to the libraries listed below

• mhaskar / XMLDecoder-payload-generator
  A simple python script to generate XML payloads works for XMLDecoder based on ProcessBuilder and Runtime exec
  ☆150Updated 4 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 5 years ago
• xawdxawdx / sentrySSRF
  Tool to searching sentry config on page or in javascript files and check blind SSRF
  ☆70Updated last year
• jas502n / solr_rce
  Apache Solr RCE via Velocity template
  ☆116Updated 5 years ago
• codewhitesec / ColdFusionPwn
  Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
  ☆95Updated 3 years ago
• kiks7 / rusty_joomla_rce
  Rusty Joomla RCE Exploit
  ☆69Updated 2 years ago
• theLSA / burp-sensitive-param-extractor
  burpsuite extension for check and extract sensitive request parameter
  ☆114Updated 4 years ago
• 0xzmz / burpsuite_jsapi
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆115Updated 2 years ago
• LandGrey / flink-unauth-rce
  exploit Apache Flink Web Dashboard unauth rce on right way by python2 scripts
  ☆90Updated 5 years ago
• zer0yu / BugBounty
  web fuzzing && bug hunter
  ☆61Updated 3 years ago
• jiangsir404 / Xss-Sql-Fuzz
  burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
  ☆63Updated 6 years ago
• PortSwigger / authz
  ☆108Updated 8 years ago
• jas502n / Redis-RCE
  remote code execute for redis4 and redis5
  ☆92Updated 6 years ago
• Y4er / CVE-2020-2555
  Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE
  ☆177Updated 2 years ago
• wh1t3p1g / ysoserial
  forked from frohoff/ysoserial and added my own payloads.
  ☆153Updated 5 years ago
• theLSA / f5-bigip-rce-cve-2020-5902
  F5 BIG-IP RCE CVE-2020-5902 automatic check tool
  ☆63Updated 5 years ago
• jweny / shiro-cve-2020-17523
  shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
  ☆117Updated 4 years ago
• Al1ex / CVE-2020-36179
  CVE-2020-36179~82 Jackson-databind SSRF&RCE
  ☆81Updated 4 years ago
• hktalent / CVE-2020-2551
  how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP
  ☆212Updated 2 years ago
• gh0stkey / JSONandHTTPP
  Burp Suite Plugin: Convert the json text that returns the body into HTTP request parameters.
  ☆103Updated 4 years ago
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆51Updated 4 years ago
• LandGrey / xxe-ftp-server
  xxe oob receive file via web and ftp server
  ☆97Updated 5 years ago
• QdghJ / burp_data_collector
  A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
  ☆91Updated 4 years ago
• Echocipher / Subdomain-Takeover
  一个子域名接管检测工具
  ☆142Updated 4 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 6 years ago
• jas502n / CVE-2019-11580
  CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE
  ☆106Updated 6 years ago
• Y4er / CVE-2020-14645
  Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()
  ☆80Updated 5 years ago
• potats0 / cve_2020_14644
  ☆69Updated 5 years ago
• black-mirror / Weblogic
  Weblogic CVE-2019-2725 CVE-2019-2729 Getshell 命令执行
  ☆69Updated 6 years ago
• m01e-40x / MyJSPWebshell
  My collection of various of JSP Webshell.
  ☆36Updated 3 years ago