juerkkil / secheaders

Related projects ⓘ

Alternatives and complementary repositories for secheaders

• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆42Updated 9 months ago
• codingo / bug-bounty-dorks
  List of Google Dorks for sites that have responsible disclosure program / bug bounty program
  ☆19Updated 5 years ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 11 months ago
• Ebryx / S3Rec0n
  A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…
  ☆39Updated 3 years ago
• xapax / owasp-checklist
  ☆27Updated 5 years ago
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆124Updated 9 months ago
• vianasw / dvwps
  Damn Vulnerable WordPress Site
  ☆50Updated last year
• Orange-Cyberdefense / versionshaker
  Find the remote website version based on a git repository
  ☆124Updated 3 years ago
• FishermansEnemy / bucket_finder
  Amazon bucket brute force tool
  ☆95Updated 11 years ago
• abuvanth / kicks3
  S3 bucket finder from html,js and bucket misconfiguration testing tool
  ☆33Updated 4 years ago
• tomnomnom / concurl
  Make concurrent requests with the curl command-line tool
  ☆72Updated 5 years ago
• secdec / attack-surface-detector-cli
  ☆75Updated 2 years ago
• PortSwigger / aws-security-checks
  AWS Security Checks
  ☆36Updated 6 years ago
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆245Updated last year
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆51Updated 3 years ago
• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆89Updated 8 months ago
• AI-BlackB0x / KeepNoteOSCP
  KeepNote For OSCP Course
  ☆22Updated 4 years ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆76Updated 4 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆169Updated 2 years ago
• agrawalsmart7 / autoRecon
  This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.
  ☆78Updated 5 years ago
• GitLab-Red-Team / gitrob
  Reconnaissance tool for GitLab and GitHub organizations
  ☆49Updated last year
• ghostlulzhacks / waybackMachine
  ☆58Updated 3 years ago
• Shivangx01b / CorsMe
  Cross Origin Resource Sharing MisConfiguration Scanner
  ☆169Updated 3 years ago
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• BountyStrike / Emissary
  Send notifications on different channels such as Slack, Telegram, Discord etc.
  ☆39Updated last year
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 5 years ago
• samhaxr / TakeOver-v1
  Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdom…
  ☆101Updated last year
• GoonSecurity / Rupert
  ☆20Updated last year
• tdr130 / assetnote
  Push notifications for passive DNS data
  ☆107Updated 8 years ago