kosmosec / proto-findLinks
Let's check if your target is vulnerable for client side prototype pollution.
☆66Updated last year
Alternatives and similar repositories for proto-find
Users that are interested in proto-find are comparing it to the libraries listed below
Sorting:
- ☆95Updated 4 years ago
- Dump all available paths and/or endpoints on WADL file.☆95Updated last month
- List all public repositories for (valid) GitHub usernames☆76Updated 2 years ago
- a tool that compiles a csv of all h1 program stats☆47Updated 2 years ago
- Basic implementation of certstream to print new subdomains and domains☆36Updated 4 years ago
- Custom scripts for the PIPER Burp extensions.☆98Updated 2 years ago
- ☆75Updated last year
- Detects request smuggling via HTTP/2 downgrades.☆94Updated 3 years ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆59Updated 2 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Updated 2 years ago
- Running nuclei Continuously☆57Updated 2 years ago
- Some contributions in the nuclei-templates repository☆58Updated 3 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Updated 3 years ago
- Dependency Confusion Security Testing Tool☆51Updated 3 years ago
- goverview - Get an overview of the list of URLs☆142Updated 2 years ago
- ☆60Updated last year
- A collection of scripts for bug-bounty related stuff☆39Updated 5 years ago
- ☆48Updated 4 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Updated 4 years ago
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API☆50Updated 3 years ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆53Updated last year
- Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.☆113Updated 3 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Updated 2 months ago
- Tool for making it easy to collect dns results from the CLI☆40Updated last year
- A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks☆60Updated 6 years ago
- A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers.☆57Updated 3 years ago
- Nuclei Templates Directory☆54Updated 2 weeks ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆59Updated 3 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆59Updated 3 years ago
- vīlicus is a bug bounty api dashboard☆41Updated 2 years ago