iosiro / baserunner
A tool for exploring Firebase datastores.
☆205Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for baserunner
- A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the a…☆292Updated 5 months ago
- The scripts helps security analsts to identify misconfigured firebase instances.☆204Updated 2 years ago
- ☆393Updated 3 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆186Updated 3 months ago
- Unofficial documentation for the great tool Param Miner☆173Updated 2 years ago
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆281Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆138Updated 3 months ago
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆133Updated last month
- IIS shortname scanner written in Go☆312Updated last year
- xss development frameworks, with the goal of making payload writing easier.☆136Updated 3 months ago
- Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.☆249Updated 3 months ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆175Updated 3 years ago
- A fast and minimal JS endpoint extractor☆327Updated 2 weeks ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆262Updated last week
- GQLSpection - parses GraphQL introspection schema and generates possible queries☆72Updated 5 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆295Updated last week
- Burp extension to create target specific and tailored wordlist from burp history.☆232Updated 2 years ago
- A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way t…☆227Updated 2 years ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆120Updated this week
- ☆146Updated last year
- ☆143Updated last month
- Turbo Intruder Scripts☆216Updated 4 years ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆402Updated 2 months ago
- Obtain GraphQL API schema despite disabled introspection!☆52Updated 3 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆135Updated 3 weeks ago
- This repo contains all the injections mentioned in my talk and enumerators.☆121Updated 11 months ago
- Print out URL schemas from an Android app☆113Updated 2 months ago
- Insecure Firebase | Bugbounty | Hacking Insecure Firbase☆82Updated 3 years ago
- This tool use fuuzzing to try to bypass unknown authentication methods, who knows...☆228Updated 3 months ago
- 🛠️ Workflows created by the community☆61Updated 4 months ago