jobertabma / ground-control

Related projects ⓘ

Alternatives and complementary repositories for ground-control

• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆634Updated 5 years ago
• bugbountyforum / XSS-Radar
  ☆318Updated 6 years ago
• BuffaloWill / oxml_xxe
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,037Updated 4 months ago
• mazen160 / bfac
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆532Updated 2 years ago
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆423Updated 4 years ago
• PortSwigger / collaborator-everywhere
  A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by caus…
  ☆425Updated 11 months ago
• mandatoryprogrammer / cloudflare_enum
  Cloudflare DNS Enumeration Tool for Pentesters
  ☆516Updated 2 years ago
• TypeError / domained
  Multi Tool Subdomain Enumeration
  ☆722Updated 3 years ago
• anshumanbh / brutesubs
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆257Updated 3 years ago
• JacobReynolds / ssrfDetector
  Server-side request forgery detector
  ☆149Updated 7 years ago
• nahamsec / HostileSubBruteforcer
  ☆454Updated 3 years ago
• EdOverflow / megplus
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆302Updated 6 years ago
• PortSwigger / backslash-powered-scanner
  Finds unknown classes of injection vulnerabilities
  ☆637Updated last year
• mandatoryprogrammer / xsshunter_client
  Correlated injection proxy tool for XSS Hunter
  ☆249Updated last year
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆443Updated 5 years ago
• nccgroup / BurpSuiteHTTPSmuggler
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆709Updated 5 years ago
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆218Updated 2 years ago
• vulnersCom / burp-vulners-scanner
  Vulnerability scanner based on vulners.com search API
  ☆834Updated 7 months ago
• nahamsec / JSParser
  ☆788Updated last year
• cheetz / sslScrape
  SSLScrape | A scanning tool for scaping hostnames from SSL certificates.
  ☆329Updated 3 years ago
• RUB-NDS / CORStest
  A simple CORS misconfiguration scanner
  ☆404Updated 4 years ago
• albinowax / ActiveScanPlusPlus
  ActiveScan++ Burp Suite Plugin
  ☆586Updated 2 years ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆394Updated 4 years ago
• milo2012 / pathbrute
  Pathbrute
  ☆444Updated 4 years ago
• jhaddix / domain
  Setup script for Regon-ng
  ☆923Updated 4 years ago
• Fuzzapi / fuzzapi
  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
  ☆632Updated 3 years ago
• pathetiq / BurpSmartBuster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆383Updated 4 years ago
• infosec-au / bugbountydash
  [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd
  ☆189Updated 8 years ago
• P0cL4bs / kadimus
  kadimus is a tool to check and exploit lfi vulnerability.
  ☆514Updated 4 years ago