Alternatives and similar repositories for burp-wildcard:

Users that are interested in burp-wildcard are comparing it to the libraries listed below

• mhaskar / XMLDecoder-payload-generator
  A simple python script to generate XML payloads works for XMLDecoder based on ProcessBuilder and Runtime exec
  ☆149Updated 4 years ago
• codewhitesec / ColdFusionPwn
  Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
  ☆94Updated 2 years ago
• wh1t3p1g / ysoserial
  forked from frohoff/ysoserial and added my own payloads.
  ☆151Updated 5 years ago
• kiks7 / rusty_joomla_rce
  Rusty Joomla RCE Exploit
  ☆69Updated 2 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 4 years ago
• jas502n / solr_rce
  Apache Solr RCE via Velocity template
  ☆108Updated 5 years ago
• jas502n / CVE-2019-11580
  CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE
  ☆106Updated 5 years ago
• gh0stkey / JSONandHTTPP
  Burp Suite Plugin: Convert the json text that returns the body into HTTP request parameters.
  ☆102Updated 3 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 6 years ago
• 0xzmz / burpsuite_jsapi
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆114Updated 2 years ago
• QdghJ / burp_data_collector
  A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
  ☆91Updated 4 years ago
• LandGrey / flink-unauth-rce
  exploit Apache Flink Web Dashboard unauth rce on right way by python2 scripts
  ☆90Updated 5 years ago
• PortSwigger / authz
  ☆106Updated 8 years ago
• xawdxawdx / sentrySSRF
  Tool to searching sentry config on page or in javascript files and check blind SSRF
  ☆70Updated 11 months ago
• LandGrey / xxe-ftp-server
  xxe oob receive file via web and ftp server
  ☆97Updated 5 years ago
• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆102Updated 5 years ago
• zer0yu / BugBounty
  web fuzzing && bug hunter
  ☆60Updated 3 years ago
• Y4er / CVE-2020-14645
  Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()
  ☆79Updated 4 years ago
• wuppp / shiro_rce_exp
  Shiro RCE (Padding Oracle Attack)
  ☆143Updated 5 years ago
• Y4er / CVE-2020-2555
  Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE
  ☆176Updated 2 years ago
• random-robbie / cve-2020-0688
  cve-2020-0688
  ☆163Updated 5 years ago
• black-mirror / Weblogic
  Weblogic CVE-2019-2725 CVE-2019-2729 Getshell 命令执行
  ☆68Updated 5 years ago
• theLSA / burp-sensitive-param-extractor
  burpsuite extension for check and extract sensitive request parameter
  ☆113Updated 4 years ago
• jiangsir404 / Xss-Sql-Fuzz
  burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
  ☆63Updated 6 years ago
• theLSA / burp-info-extractor
  burpsuite extension for extract information from data
  ☆86Updated 11 months ago
• CHYbeta / OddProxyDemo
  ☆213Updated last year
• timwhitez / Frog-Submon
  🐸Subdomain Monitor, 子域名监控
  ☆77Updated 3 years ago
• Echocipher / Subdomain-Takeover
  一个子域名接管检测工具
  ☆142Updated 4 years ago
• Y4er / CVE-2020-2883
  Weblogic coherence.jar RCE
  ☆176Updated 4 years ago
• aRe00t / rce-over-spark
  Remote Command Execution Over Spark
  ☆96Updated 7 years ago