Reverse engineers GQL Schema and generates template payloads
☆46Apr 5, 2019Updated 6 years ago
Alternatives and similar repositories for graphqlschema2payload
Users that are interested in graphqlschema2payload are comparing it to the libraries listed below
Sorting:
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- Some random scripts. Just trying to be like the cool kids.☆101Jul 1, 2018Updated 7 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Jul 19, 2018Updated 7 years ago
- a JS tool that let you take screenshot of many hosts.☆13Aug 2, 2019Updated 6 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆64Jun 4, 2025Updated 8 months ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- Query various sources for CVE proof-of-concepts☆53Jun 1, 2023Updated 2 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 5 years ago
- Proof of concept code for client-side vulnerabilities☆17Mar 14, 2019Updated 6 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- ffmpeg exploitation tool☆28Aug 3, 2016Updated 9 years ago
- ☆30Jun 27, 2022Updated 3 years ago
- Find plaintext credentials from emails in bulk from password dumps, and generate emails on the fly.☆49Apr 9, 2019Updated 6 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- A Go implementation of dirsearch.☆43Mar 10, 2019Updated 6 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- List HackerOne private program assets☆154Jun 24, 2021Updated 4 years ago
- Collection of different exploitation scenarios of JWT.☆21Jul 23, 2021Updated 4 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Feb 4, 2023Updated 3 years ago
- PostMessage extension☆102Aug 28, 2019Updated 6 years ago
- Extracts subdomains from a specified domain using https://recon.dev.☆16Sep 12, 2020Updated 5 years ago
- A lab to play with authentication and authorisation problems☆98Mar 7, 2023Updated 2 years ago
- Research on GraphQL from an AppSec point of view.☆419May 24, 2023Updated 2 years ago
- OAuth Security Cheatsheet☆41May 12, 2014Updated 11 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- Burp Suite extension for JAX-RS☆65Mar 17, 2017Updated 8 years ago
- Print out URL schemas from an Android app☆128Feb 9, 2025Updated last year
- ☆12Feb 18, 2022Updated 4 years ago
- Check for know iframeBuster XSS☆12Sep 25, 2024Updated last year
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆108Jan 26, 2020Updated 6 years ago
- REST API backend for Reconmap☆46Jan 2, 2026Updated last month
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆85Feb 21, 2026Updated last week
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 2 months ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Sep 24, 2019Updated 6 years ago