mschwager / route-detect
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆258Updated last week
Alternatives and similar repositories for route-detect:
Users that are interested in route-detect are comparing it to the libraries listed below
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- ☆150Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆154Updated 3 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆253Updated 10 months ago
- ☆165Updated 5 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆181Updated 2 years ago
- Find CVE PoCs on GitHub☆144Updated last year
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆280Updated 3 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 7 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆626Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆152Updated 7 months ago
- Black box fuzzer for web applications☆425Updated 8 months ago
- Automated learning of regexes for DNS discovery☆364Updated 2 years ago
- ☆184Updated 4 months ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆134Updated 3 months ago
- Prototype pollution scanner using headless chrome☆216Updated 2 years ago
- Bambdas collection for Burp Suite Professional and Community.☆248Updated last week
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆173Updated 2 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆107Updated 2 months ago
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- A streamlined tool for discovering private TLDs for security research.☆180Updated this week
- Discover new target domains using Content Security Policy☆399Updated this week
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆353Updated this week
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- Awesome information for WebSockets security research☆260Updated 3 years ago
- Search for sensitive data in Postman public library.☆201Updated 2 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆171Updated 4 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice