HTTP.ninja
☆147Sep 3, 2023Updated 2 years ago
Alternatives and similar repositories for httpninja
Users that are interested in httpninja are comparing it to the libraries listed below
Sorting:
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- The PDF Metadata Burp Extension provides an additional passive Scanner check for metadata in PDF files.☆11Jan 10, 2017Updated 9 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆659Feb 1, 2025Updated last year
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Jul 20, 2022Updated 3 years ago
- ☆46May 15, 2016Updated 9 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆738May 4, 2019Updated 6 years ago
- This changes the style of Burp Suite's Repeater tabs to help the testers☆29Jul 3, 2019Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- Apache Solr Injection Research☆580Jan 28, 2020Updated 6 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS.☆58Aug 22, 2019Updated 6 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Reverse proxies cheatsheet☆1,855Nov 4, 2023Updated 2 years ago
- HTTP Desync Attack☆28May 17, 2020Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Mar 1, 2023Updated 3 years ago
- Get all the CNs from a list of domains☆45Aug 17, 2021Updated 4 years ago
- A collection of scripts to extend Burp Suite☆142Apr 8, 2019Updated 6 years ago
- ☆705Nov 27, 2024Updated last year
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- Some private tools i decided to release for public.☆49Mar 14, 2024Updated 2 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- PDML importer for Burp Suite☆28Oct 20, 2020Updated 5 years ago
- DOM XSS scanner for Single Page Applications☆414Nov 15, 2025Updated 4 months ago
- Scans tcl for command injection☆36May 24, 2019Updated 6 years ago
- Quickly Search Large DNS Datasets☆585Dec 21, 2020Updated 5 years ago
- A tool to find sensitive keys and passwords in Travis logs☆139Jun 27, 2021Updated 4 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆84Mar 23, 2018Updated 7 years ago
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆63Jul 22, 2019Updated 6 years ago
- JWT fuzzer☆107Jul 24, 2018Updated 7 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆295Jan 15, 2025Updated last year
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,744Feb 16, 2026Updated last month
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago