m4ll0k / Atlas

Related projects: ⓘ

• wagiro / BurpBounty
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,657Updated 4 months ago
• hahwul / XSpear
  🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
  ☆1,171Updated last year
• s0md3v / Bolt
  CSRF Scanner
  ☆538Updated 2 months ago
• 1ndianl33t / Gf-Patterns
  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
  ☆1,185Updated this week
• elkokc / reflector
  Burp plugin able to find reflected XSS on page in real-time while browsing on site
  ☆1,114Updated 3 years ago
• assetnote / wordlists
  Automated & Manual Wordlists provided by Assetnote
  ☆1,284Updated last month
• mzfr / liffy
  Local file inclusion exploitation tool
  ☆767Updated last year
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆2,937Updated 3 months ago
• D35m0nd142 / LFISuite
  Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
  ☆1,661Updated 2 years ago
• 0xInfection / XSRFProbe
  The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
  ☆1,089Updated 4 months ago
• defparam / smuggler
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆1,785Updated 8 months ago
• cujanovic / Open-Redirect-Payloads
  Open Redirect Payloads
  ☆571Updated 2 years ago
• Ice3man543 / SubOver
  A Powerful Subdomain Takeover Tool
  ☆919Updated 11 months ago
• AlephNullSK / dnsgen
  Generates combination of domain names from the provided input.
  ☆886Updated 2 months ago
• luisfontes19 / xxexploiter
  Tool to help exploit XXE vulnerabilities
  ☆535Updated last year
• ssl / ezXSS
  ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
  ☆1,866Updated this week
• chrislockard / api_wordlist
  A wordlist of API names for web application assessments
  ☆725Updated last year
• yassineaboukir / sublert
  Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…
  ☆986Updated 3 years ago
• m4ll0k / SecretFinder
  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
  ☆1,960Updated 3 months ago
• s0md3v / uro
  declutters url lists for crawling/pentesting
  ☆1,114Updated 3 months ago
• knassar702 / scant3r
  ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
  ☆682Updated last year
• Dheerajmadhukar / 4-ZERO-3
  403/401 Bypass Methods + Bash Automation + Your Support ;)
  ☆1,122Updated 2 years ago
• ksharinarayanan / SSRFire
  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
  ☆937Updated 2 years ago
• j3ssie / metabigor
  OSINT tools and more but without API key
  ☆1,215Updated 5 months ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,335Updated last year
• payloadbox / xxe-injection-payload-list
  🎯 XML External Entity (XXE) Injection Payload List
  ☆1,066Updated 2 months ago
• payloadbox / ssti-payloads
  🎯 Server Side Template Injection Payloads
  ☆591Updated 2 months ago
• codingo / VHostScan
  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…
  ☆1,188Updated 9 months ago
• devanshbatham / FavFreak
  Making Favicon.ico based Recon Great again !
  ☆1,111Updated last year
• RenwaX23 / XSS-Payloads
  List of XSS Vectors/Payloads
  ☆1,158Updated 3 weeks ago