moeinfatehi / Backup-Finder
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
☆156Updated 5 months ago
Related projects: ⓘ
- Enumerate Subdomains Through Google Dorks☆118Updated 3 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆100Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆139Updated last year
- A path-normalization pentesting tool.☆115Updated 11 months ago
- A tool that automates the search for IDOR vulnerabilities in web apps and APIs☆47Updated 3 years ago
- ☆142Updated last year
- ☆139Updated last year
- ☆97Updated this week
- Private Nuclei Templates☆88Updated last year
- All Type of Payloads☆127Updated 5 months ago
- The scripts I write to help me on my bug bounty hunting☆118Updated 2 years ago
- Automated Subdomain Enumeration and Scanning Tool☆107Updated 11 months ago
- ☆69Updated last year
- Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templ…☆91Updated last month
- Here Are Some Bug Bounty Resource From Twitter☆82Updated 4 months ago
- ☆107Updated last year
- A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)☆118Updated 2 years ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆237Updated last year
- Self-hosted passive subdomain continous monitoring tool.☆154Updated 7 months ago
- ☆52Updated last month
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆121Updated 7 months ago
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆135Updated last month
- Describe how to use ffuf different options with examples☆75Updated last year
- Real world bug bounty wordlists☆107Updated last year
- ☆233Updated 3 years ago
- Identify virtual hosts by similarity comparison☆114Updated last month
- CVE Collection of jQuery XSS Payloads☆64Updated last year
- CVE Collection of jQuery UI XSS Payloads☆110Updated last year
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆172Updated 2 years ago
- This tool will check for Sensitive Data Leakage with some useful patterns/RegEx. The patterns are mostly targeted on waybackdata and filt…☆147Updated last month