imperva / automatic-api-attack-tool
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
☆451Updated last year
Related projects: ⓘ
- ☆950Updated 9 months ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆986Updated 3 years ago
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆807Updated 4 months ago
- REST/JSON API to the Burp Suite security tool.☆546Updated 3 months ago
- Security Testing Scripts for JWT☆305Updated 2 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆351Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆601Updated 6 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆330Updated 4 years ago
- Go client to communicate with Chaos DB API.☆621Updated this week
- DOM XSS scanner for Single Page Applications☆394Updated 2 months ago
- Awesome cloud enumerator☆855Updated last month
- Default signature for Jaeles Scanner☆319Updated 2 years ago
- An automated target reconnaissance pipeline.☆424Updated last year
- Automated HTTP Request Repeating With Burp Suite☆839Updated 2 years ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆411Updated 3 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆515Updated 6 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆635Updated 5 years ago
- A simple SSRF-testing sheriff written in Go☆310Updated 5 months ago
- A Powerful Subdomain Takeover Tool☆919Updated 11 months ago
- Fetches javascript file from a list of URLS or subdomains.☆735Updated last year
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆346Updated last year
- Second-order subdomain takeover scanner☆374Updated last year
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆215Updated 3 months ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆384Updated 7 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆476Updated last year
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆686Updated last year
- Repo for all the OWASP-SKF Docker lab examples☆431Updated last month
- ☆554Updated 3 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆663Updated last year
- HTTP file upload scanner for Burp Proxy☆394Updated last year