johnsaigle / scary-stringsLinks
Collection of wordlists containing dangerous function calls in many languages
☆50Updated this week
Alternatives and similar repositories for scary-strings
Users that are interested in scary-strings are comparing it to the libraries listed below
Sorting:
- Hijack a slack bot to phish your way in☆55Updated 2 months ago
- Nuclei plugins to audit Chrome extensions☆65Updated 11 months ago
- Additional active scan checks for BURP☆27Updated 8 months ago
- FrogPost: postMessage Security Testing Tool☆80Updated last month
- Burp Suite extension for testing Passkey systems.☆69Updated 2 months ago
- A collection of Turbo Intruder scripts.☆61Updated 4 months ago
- An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms (like Hackerone/Bugcro…☆41Updated this week
- A web based checklist driven note taking app following bug bounty and web app pentest methodology.☆37Updated last week
- Damn Vulnerable Browser Extension (DVBE), previously named as Badly Coded Browser Extension (BCBE), is an open-source vulnerable Chrome E…☆24Updated 3 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 5 months ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket☆77Updated last month
- Autonomous AI C2☆31Updated 11 months ago
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆49Updated 3 months ago
- DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…☆33Updated last month
- TruffleHog Explorer, a user-friendly web-based tool to visualize and analyze data extracted using TruffleHog.☆42Updated 5 months ago
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆48Updated 5 months ago
- ☆36Updated 10 months ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆23Updated 8 months ago
- Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report☆13Updated 4 months ago
- 🔗 A curated list of awesome Caido related projects☆37Updated 3 months ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆59Updated 2 years ago
- A research project to add some brrrrrr to Burp☆180Updated 4 months ago
- ☆64Updated 2 months ago
- Unicode Security Toolkit☆36Updated 8 months ago
- AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.☆70Updated 2 weeks ago
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Updated 2 years ago
- a hackbot proof-of-concept☆39Updated last year
- A python3 script searching for secret on swaggerhub☆65Updated 3 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 9 months ago
- MyOpenVDP is a free web application to install a vulnerability disclosure policy or a vulnerability disclosure program on your assets. (V…☆29Updated 10 months ago