mschwager / route-detect
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆250Updated 2 months ago
Related projects: ⓘ
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆151Updated 3 weeks ago
- Find CVE PoCs on GitHub☆136Updated 11 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆175Updated 2 years ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆134Updated 3 months ago
- ☆143Updated last year
- ☆173Updated 6 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆242Updated 4 months ago
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- Black box fuzzer for web applications☆395Updated 2 months ago
- Automated learning of regexes for DNS discovery☆350Updated last year
- GitHub Attack Toolkit - Extreme Edition☆151Updated this week
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆524Updated 9 months ago
- gRPC-Web Pentesting Suite + Burp Suite Extension☆159Updated 2 months ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆110Updated last month
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆297Updated 4 months ago
- JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…☆327Updated 2 weeks ago
- Bambdas collection for Burp Suite Professional and Community.☆193Updated last month
- A GraphQL enumeration and extraction tool☆127Updated last year
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆333Updated last week
- PP-finder Help you find gadget for prototype pollution exploitation☆127Updated last month
- Session Hijacking Visual Exploitation☆189Updated 6 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆182Updated last month
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆95Updated 7 months ago
- Prototype pollution scanner using headless chrome☆196Updated 2 years ago
- ☆70Updated 2 months ago
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆166Updated 4 months ago
- Build your own reconnaissance system with Osmedeus Next Generation☆177Updated 3 months ago
- Local File Inclusion discovery and exploitation tool☆210Updated last month
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆115Updated 2 weeks ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆172Updated 2 years ago