mschwager / route-detect
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆257Updated 8 months ago
Alternatives and similar repositories for route-detect:
Users that are interested in route-detect are comparing it to the libraries listed below
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆181Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆253Updated 9 months ago
- Find CVE PoCs on GitHub☆144Updated last year
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆274Updated 3 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 7 months ago
- Prototype pollution scanner using headless chrome☆216Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆316Updated 2 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆153Updated 3 months ago
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆173Updated 2 months ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆349Updated this week
- ☆164Updated 4 months ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆124Updated 11 months ago
- ☆182Updated 4 months ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆177Updated last year
- ☆150Updated last year
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆120Updated 2 years ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆230Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆133Updated 3 months ago
- A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities☆116Updated last year
- Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework☆167Updated 2 years ago
- ☆74Updated 8 months ago
- A streamlined tool for discovering private TLDs for security research.☆180Updated this week
- PP-finder Help you find gadget for prototype pollution exploitation☆151Updated 7 months ago
- Search for sensitive data in Postman public library.☆200Updated 2 months ago
- Automated learning of regexes for DNS discovery☆364Updated 2 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆171Updated 4 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆106Updated 2 months ago