inonshk / 31-days-of-API-Security-TipsLinks
This challenge is Inon Shkedy's 31 days API Security Tips.
β2,125Updated 3 years ago
Alternatives and similar repositories for 31-days-of-API-Security-Tips
Users that are interested in 31-days-of-API-Security-Tips are comparing it to the libraries listed below
Sorting:
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§β1,771Updated last year
- A collection of custom security tools for quick needs.β3,214Updated 2 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.β2,867Updated 10 months ago
- A python script that finds endpoints in JavaScript filesβ3,984Updated last year
- Penetration tests guide based on OWASP including test cases, resources and examples.β2,633Updated 3 years ago
- BBT - Bug Bounty Tools (examplesπ‘)β1,809Updated last year
- gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Gβ¦β2,120Updated 2 weeks ago
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,214Updated 4 months ago
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,240Updated 8 months ago
- A curated list of amazingly awesome Burp Extensionsβ3,212Updated 4 months ago
- β1,186Updated 2 years ago
- Contextual Content Discovery Toolβ2,878Updated last year
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communitβ¦β3,322Updated 2 months ago
- CORS Misconfiguration Scannerβ1,441Updated 2 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single locationβ1,268Updated 4 years ago
- A Python program to scrape secrets from GitHub through usage of a large repository of dorks.β2,397Updated 10 months ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β5,559Updated 10 months ago
- Awesome XSS stuffβ4,932Updated 7 months ago
- A collection of hacks and one-off scriptsβ2,311Updated 3 months ago
- The Swiss Army knife for automated Web Application Testingβ2,252Updated last year
- Collection of methodology and test case for various web vulnerabilities.β6,452Updated 3 months ago
- A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.meβ2,130Updated 6 months ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β1,965Updated last year
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for β¦β3,366Updated this week
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-referenceβ5,189Updated last year
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web applicationβ4,766Updated 6 months ago
- β1,736Updated 2 weeks ago
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,336Updated last week
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, suβ¦β3,492Updated 2 months ago
- Subdomain Takeover tool written in Goβ1,979Updated last year