Let's check if your target is vulnerable for client side prototype pollution.
☆65Jan 9, 2024Updated 2 years ago
Alternatives and similar repositories for proto-find
Users that are interested in proto-find are comparing it to the libraries listed below
Sorting:
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆519Jun 22, 2022Updated 3 years ago
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated last year
- ☆79Mar 26, 2024Updated last year
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆41Aug 12, 2023Updated 2 years ago
- Client-Side Prototype Pollution Tools☆87Sep 21, 2021Updated 4 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆256Dec 8, 2021Updated 4 years ago
- ☆95Sep 18, 2021Updated 4 years ago
- TProx is a fast reverse proxy path traversal detector and directory bruteforcer.☆30Sep 16, 2021Updated 4 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)☆289Sep 26, 2023Updated 2 years ago
- Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.☆33Nov 8, 2021Updated 4 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- ☆148Dec 23, 2022Updated 3 years ago
- Enhanced 403 bypass header☆21Sep 12, 2022Updated 3 years ago
- A Security Tool for Enumerating WebSockets☆366Jan 10, 2022Updated 4 years ago
- Prototype Pollution Scanner☆139Apr 11, 2021Updated 4 years ago
- Piper Burp Suite Extender plugin☆129Jan 14, 2026Updated last month
- Turbo Intruder Scripts☆228Jun 11, 2020Updated 5 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆406Dec 24, 2022Updated 3 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- Scanner for Cross-Site WebSocket Hijacking☆41Feb 19, 2026Updated 2 weeks ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30May 6, 2020Updated 5 years ago
- A Broken-URL Checker☆82Nov 2, 2017Updated 8 years ago
- Responser☆55Apr 18, 2022Updated 3 years ago
- Fernbach is a vulnerable API written in the Flask micro web framework. The intent of this API is for testing the OWASP top ten vulnerabil…☆30Feb 4, 2022Updated 4 years ago
- Jeeves SQLI Finder☆215May 13, 2022Updated 3 years ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆426Feb 20, 2026Updated 2 weeks ago
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- ☆27Mar 18, 2020Updated 5 years ago
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆83Jun 11, 2025Updated 8 months ago
- ☆18Jul 21, 2025Updated 7 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆203Aug 5, 2024Updated last year
- WordPress Plugin Update Confusion☆67Dec 7, 2021Updated 4 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- Find subdomains on GitLab.☆106Apr 28, 2024Updated last year
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.☆36May 14, 2022Updated 3 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆344Dec 31, 2024Updated last year
- huntr.dev public disclosures/hacktivity watcher☆16Nov 5, 2023Updated 2 years ago