kleiton0x00 / ppmapLinks
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
☆513Updated 3 years ago
Alternatives and similar repositories for ppmap
Users that are interested in ppmap are comparing it to the libraries listed below
Sorting:
- Gotator is a tool to generate DNS wordlists through permutations.☆494Updated 3 years ago
- HTTP Request Smuggling Detection Tool☆524Updated last year
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆453Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆321Updated 2 months ago
- ☆295Updated 3 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆389Updated 3 years ago
- A fast and minimal JS endpoint extractor☆378Updated 10 months ago
- Automated learning of regexes for DNS discovery☆372Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆637Updated last month
- Nuclei templates written by geeknik. Claude is my co-pilot. 🤖☆277Updated last month
- A tool to check a bunch of URLs that contain reflecting params.☆593Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,008Updated last month
- Customisable and automated HTTP header injection☆264Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆74Updated last year
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆379Updated 5 years ago
- Js File Scanner☆170Updated 3 years ago
- This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contai…☆525Updated 10 months ago
- Golang client for querying SecurityTrails API data☆574Updated 2 years ago
- Burpsuite plugin for Interact.sh☆227Updated last year
- Generate tens of thousands of subdomain combinations in a matter of seconds☆271Updated 2 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆633Updated 2 months ago
- A Security Tool for Enumerating WebSockets☆362Updated 3 years ago
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.☆452Updated 3 years ago
- Smart context-based SSRF vulnerability scanner.☆356Updated 3 years ago
- Takes a list of URLs and returns their HTTP response codes☆400Updated last year
- ☆523Updated 2 years ago
- Full Nuclei automation script with logic explanation.☆245Updated 3 years ago
- Fetches javascript file from a list of URLS or subdomains.☆803Updated 2 months ago
- Web dashboard for Interactsh client☆231Updated 4 months ago
- Useful "Match and Replace" burpsuite rules☆349Updated 2 years ago