kh4sh3i / Apache-Tomcat-Pentesting
Apache Tomcat exploit and Pentesting guide for penetration tester
☆59Updated 2 years ago
Alternatives and similar repositories for Apache-Tomcat-Pentesting:
Users that are interested in Apache-Tomcat-Pentesting are comparing it to the libraries listed below
- HTTP verb tampering & methods enumeration☆58Updated 3 years ago
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆115Updated last year
- ☆68Updated last year
- ☆55Updated 2 years ago
- HTTP parameter discovery suite.☆63Updated 4 years ago
- ☆73Updated 11 months ago
- A path-normalization pentesting tool.☆126Updated last year
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Updated last year
- ☆78Updated 2 years ago
- BChecks collection for Burp Suite Professional☆96Updated 10 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆75Updated last year
- A tool that automates the search for IDOR vulnerabilities in web apps and APIs☆57Updated 4 years ago
- Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare☆59Updated 2 years ago
- Custom scan profiles for use with Burp Suite Pro☆141Updated last year
- Enumerate old versions of robots.txt paths using Wayback Machine for content discovery☆47Updated last year
- Here Are Some Bug Bounty Resource From Twitter☆90Updated 2 months ago
- IIS shortname scanner + bruteforce☆52Updated last year
- A python3 script searching for secret on swaggerhub☆65Updated 3 years ago
- Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi☆39Updated 3 years ago
- ☆56Updated 11 months ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 3 years ago
- The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489☆30Updated last year
- unleashed ffuf☆111Updated 9 months ago
- ☆68Updated 2 years ago
- Simple fork from degoogle original project with bug hunting purposes☆87Updated 2 years ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆44Updated 10 months ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆62Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Updated 3 years ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆53Updated 6 months ago
- Striping CDN IPs from a list of IP Addresses☆77Updated 2 years ago