immunIT / drupwn
Drupal enumeration & exploitation tool
☆592Updated 4 years ago
Alternatives and similar repositories for drupwn:
Users that are interested in drupwn are comparing it to the libraries listed below
- A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.☆1,307Updated last year
- Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)☆585Updated 4 years ago
- kadimus is a tool to check and exploit lfi vulnerability.☆522Updated 4 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,213Updated last year
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆356Updated last year
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆539Updated 2 years ago
- Multi Tool Subdomain Enumeration☆723Updated 3 years ago
- A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…☆434Updated 3 years ago
- HTTP file upload scanner for Burp Proxy☆485Updated last year
- Free web-application vulnerability and version scanner☆567Updated 5 months ago
- SSLScrape | A scanning tool for scaping hostnames from SSL certificates.☆333Updated 3 years ago
- Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).☆375Updated 5 years ago
- fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion b…☆526Updated 2 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.☆269Updated 3 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆349Updated 6 years ago
- Python 3.5+ DNS asynchronous brute force utility☆651Updated last year
- Simple shell script for automated domain recognition with some tools☆302Updated 4 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆342Updated 3 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆425Updated 4 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆524Updated 6 years ago
- HTTP file upload scanner for Burp Proxy☆398Updated last year
- Pathbrute☆448Updated 4 years ago
- ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.☆766Updated last year
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆442Updated 4 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆396Updated 4 years ago
- Correlated injection proxy tool for XSS Hunter☆252Updated 2 years ago
- Note: Going through a full re-write of the tooling so the current versions in the repo do not work!☆400Updated 4 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆634Updated 5 years ago
- SSRF testing tool☆243Updated 2 years ago
- JShell - Get a JavaScript shell with XSS.☆513Updated 5 years ago