imperva / automatic-api-attack-tool
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
☆457Updated last year
Related projects ⓘ
Alternatives and complementary repositories for automatic-api-attack-tool
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆356Updated 3 years ago
- ☆958Updated 11 months ago
- REST/JSON API to the Burp Suite security tool.☆547Updated 5 months ago
- An automated target reconnaissance pipeline.☆428Updated last year
- DOM XSS scanner for Single Page Applications☆394Updated 4 months ago
- A simple SSRF-testing sheriff written in Go☆316Updated 2 weeks ago
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆442Updated 4 years ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆412Updated 3 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆524Updated 6 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆639Updated 5 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆745Updated 3 years ago
- Security Testing Scripts for JWT☆308Updated 2 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆274Updated 3 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆695Updated last year
- ☆555Updated 3 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆306Updated 7 months ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆296Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆804Updated 2 years ago
- ☆232Updated 4 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆611Updated 9 months ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆990Updated 3 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆701Updated 3 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆332Updated 4 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆341Updated 3 years ago
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆353Updated last year
- HTTP file upload scanner for Burp Proxy☆397Updated last year
- A Powerful Subdomain Takeover Tool☆931Updated last year
- Default signature for Jaeles Scanner☆319Updated 2 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated 2 years ago
- SSRF testing tool☆241Updated last year