lc / theftfuzzer

Related projects: ⓘ

• cujanovic / CRLF-Injection-Payloads
  Payloads for CRLF Injection
  ☆210Updated 2 years ago
• staaldraad / xxeserv
  A mini webserver with FTP support for XXE payloads
  ☆326Updated 8 months ago
• daeken / SSRFTest
  SSRF testing tool
  ☆242Updated last year
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆292Updated 4 years ago
• defparam / tiscripts
  Turbo Intruder Scripts
  ☆214Updated 4 years ago
• Damian89 / extended-ssrf-search
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆275Updated 3 years ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆279Updated 2 months ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆251Updated 2 years ago
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆233Updated 4 years ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆295Updated last year
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆601Updated 6 months ago
• cablej / FileChangeMonitor
  Continuous monitoring for JavaScript files
  ☆216Updated 4 years ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆438Updated 5 years ago
• dark-warlord14 / JSScanner
  You can read the writeup on this script here
  ☆266Updated 4 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆340Updated 2 years ago
• zseano / InputScanner
  ☆231Updated 6 years ago
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆515Updated 6 years ago
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆203Updated 7 years ago
• EdOverflow / megplus
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆301Updated 5 years ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆502Updated 7 months ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆195Updated 3 years ago
• nashcontrol / bounty-monitor
  Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …
  ☆219Updated last year
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆204Updated 4 years ago
• tijme / angularjs-csti-scanner
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
  ☆300Updated 2 years ago
• Bo0oM / ParamPamPam
  ☆268Updated 2 years ago
• In3tinct / See-SURF
  Python based scanner to find potential SSRF parameters
  ☆282Updated 5 months ago
• maK- / scantastic-tool
  It's bloody scantastic
  ☆232Updated 2 years ago
• fransr / template-generator
  A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…
  ☆247Updated last year
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆215Updated 2 years ago