johnsaigle / scary-stringsLinks
Collection of wordlists containing dangerous function calls in many languages
☆49Updated 3 weeks ago
Alternatives and similar repositories for scary-strings
Users that are interested in scary-strings are comparing it to the libraries listed below
Sorting:
- Nuclei plugins to audit Chrome extensions☆64Updated 10 months ago
- Hijack a slack bot to phish your way in☆55Updated last month
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 4 months ago
- Burp Suite extension for testing Passkey systems.☆69Updated 2 months ago
- FrogPost: postMessage Security Testing Tool☆80Updated 3 weeks ago
- DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…☆33Updated 2 weeks ago
- A collection of Turbo Intruder scripts.☆60Updated 4 months ago
- TruffleHog Explorer, a user-friendly web-based tool to visualize and analyze data extracted using TruffleHog.☆39Updated 4 months ago
- Protection against HTML smuggling attacks.☆96Updated this week
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆48Updated 2 months ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket☆75Updated last month
- AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.☆70Updated last week
- Autonomous AI C2☆30Updated 10 months ago
- A research project to add some brrrrrr to Burp☆173Updated 3 months ago
- Additional active scan checks for BURP☆27Updated 8 months ago
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆39Updated 2 years ago
- A python3 script searching for secret on swaggerhub☆65Updated 3 years ago
- Unicode Security Toolkit☆35Updated 7 months ago
- ☆30Updated last month
- An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms (like Hackerone/Bugcro…☆41Updated this week
- Addon for BHCE☆46Updated 2 months ago
- ☆90Updated 3 years ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆35Updated last month
- CaptainCredz is a modular and discreet password-spraying tool.☆111Updated this week
- ☆55Updated last year
- ☆55Updated 2 years ago
- Do bulk whois lookups and get alerted on domains of interest.☆36Updated 10 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 8 months ago
- A tool which helps identifying client-side prototype polluting libraries☆39Updated last month