kleiton0x00 / ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
☆496Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for ppmap
- Gotator is a tool to generate DNS wordlists through permutations.☆457Updated 2 years ago
- A tool to check a bunch of URLs that contain reflecting params.☆536Updated 3 months ago
- Nuclei templates written by us.☆266Updated 3 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆615Updated this week
- ☆286Updated 2 years ago
- Accept URLs on stdin, replace all query string values with a user-supplied value☆767Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆295Updated this week
- Fetches javascript file from a list of URLS or subdomains.☆739Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆876Updated 5 months ago
- A fast and minimal JS endpoint extractor☆326Updated last week
- HTTP Request Smuggling Detection Tool☆472Updated 11 months ago
- This a adaption of tomnomnom's kxss tool with a different output format☆426Updated last year
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆445Updated 10 months ago
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆338Updated 4 years ago
- A fuzzer for detecting open redirect vulnerabilities☆712Updated 4 months ago
- Go client to communicate with Chaos DB API.☆641Updated this week
- Burp extension to create target specific and tailored wordlist from burp history.☆232Updated 2 years ago
- Automated learning of regexes for DNS discovery☆358Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆50Updated 6 months ago
- The Fairly Fast Fetcher. Requests a bunch of URLs provided on stdin fairly quickly.☆387Updated 7 months ago
- Golang client for querying SecurityTrails API data☆539Updated last year
- Js File Scanner☆160Updated 2 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆356Updated 3 years ago
- This is go CLI tool for send fast Multiple get HTTP request.☆262Updated last year
- IIS shortname scanner written in Go☆312Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆590Updated last year
- Takes a list of URLs and returns their HTTP response codes☆391Updated last year
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆400Updated last month
- List of reporting templates I have used since I started doing BBH.☆235Updated 2 months ago
- a javascript change monitoring tool for bugbounties☆589Updated 3 months ago