A one liner Bash command which finds CORS in every possible endpoint.
☆150Jan 1, 2021Updated 5 years ago
Alternatives and similar repositories for CORS-one-liner
Users that are interested in CORS-one-liner are comparing it to the libraries listed below
Sorting:
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆69Aug 18, 2020Updated 5 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Mar 12, 2022Updated 4 years ago
- XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.☆317Jun 1, 2022Updated 3 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆518Jun 22, 2022Updated 3 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- A tool to exploit imagetragick vulnerability to gain remote code execution☆20Dec 20, 2017Updated 8 years ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- Burp Suite Extensions☆12Oct 19, 2021Updated 4 years ago
- RECON Notes taking from every fucking book about bugbounty and web-app penetration testing exists☆19Feb 29, 2020Updated 6 years ago
- ☆19Nov 18, 2020Updated 5 years ago
- Pipe different tools with google dork Scanner☆56Jun 25, 2020Updated 5 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- ☆96Oct 1, 2021Updated 4 years ago
- ☆27Mar 18, 2020Updated 6 years ago
- Python Script to Print the name of the companies that are acquired by a Target Company and the Time of Acquisition.☆26Dec 5, 2021Updated 4 years ago
- Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.☆62Nov 29, 2022Updated 3 years ago
- Burp Extension to identify PII data☆21Jan 29, 2021Updated 5 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- You can read the writeup on this script here☆274Jul 12, 2020Updated 5 years ago
- Scrap Latest Information Security Resources☆35Nov 30, 2020Updated 5 years ago
- Tool to try multiple paths for PHPunit RCE CVE-2017-9841☆29Oct 18, 2021Updated 4 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Apr 13, 2021Updated 4 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS.☆58Aug 22, 2019Updated 6 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- My gfPatterns☆15Aug 31, 2021Updated 4 years ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- Fetches javascript file from a list of URLS or subdomains.☆838Jul 22, 2025Updated 7 months ago
- Automated blind-xss search for Burp Suite☆285Oct 10, 2019Updated 6 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- Accept URLs on stdin, replace all query string values with a user-supplied value☆866Nov 23, 2022Updated 3 years ago
- Webapp to search tips on Twitter through #bugbountytips☆72Dec 2, 2022Updated 3 years ago
- ☆20Aug 15, 2020Updated 5 years ago
- Automated Recon Tool Installer☆16Jun 29, 2022Updated 3 years ago