johnsaigle / scary-stringsLinks
Collection of wordlists containing dangerous function calls in many languages
☆51Updated 3 weeks ago
Alternatives and similar repositories for scary-strings
Users that are interested in scary-strings are comparing it to the libraries listed below
Sorting:
- Nuclei plugins to audit Chrome extensions☆65Updated last year
- Hijack a slack bot to phish your way in☆55Updated 2 weeks ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 6 months ago
- Burp Suite extension for testing Passkey systems.☆73Updated 4 months ago
- Additional active scan checks for BURP☆28Updated 10 months ago
- Stalker, the Extensible Attack Surface Management tool.☆86Updated last month
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati…☆90Updated last year
- A tech enumeration toolkit focused on 404 Not found pages.☆25Updated 9 months ago
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆126Updated last year
- Identify hardcoded secrets in static structured text (version 2)☆91Updated 6 months ago
- ☆90Updated 3 years ago
- Damn Vulnerable Browser Extension (DVBE), previously named as Badly Coded Browser Extension (BCBE), is an open-source vulnerable Chrome E…☆26Updated 5 months ago
- Secrets Ninja is an GUI tool for validating & investigating API keys discovered during pentesting & bug bounty hunting.☆79Updated 3 weeks ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket☆80Updated last month
- Autonomous AI C2☆31Updated last year
- a hackbot proof-of-concept☆39Updated last year
- A python3 script searching for secret on swaggerhub☆67Updated 3 years ago
- FrogPost: postMessage Security Testing Tool☆92Updated 2 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 10 months ago
- A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …☆49Updated 2 years ago
- Jumpstart multiple WebSocket servers quickly☆32Updated 3 years ago
- ☆37Updated last year
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Updated 10 months ago
- ☆17Updated 3 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated last year
- Attempt zone transfers on domains☆17Updated 4 years ago
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Updated last year
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆39Updated 2 years ago
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Updated 2 years ago