mzfr / liffy
Local file inclusion exploitation tool
☆767Updated last year
Related projects: ⓘ
- Making Favicon.ico based Recon Great again !☆1,111Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆937Updated 2 years ago
- Tool to help exploit XXE vulnerabilities☆535Updated last year
- A Powerful Subdomain Takeover Tool☆919Updated 11 months ago
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,089Updated 4 months ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆663Updated last year
- Web App bug hunting☆549Updated 2 months ago
- A fuzzer for detecting open redirect vulnerabilities☆691Updated 2 months ago
- Fetches javascript file from a list of URLS or subdomains.☆735Updated last year
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆686Updated last year
- Automation for javascript recon in bug bounty.☆886Updated last year
- Generates combination of domain names from the provided input.☆886Updated 2 months ago
- Open Redirection Analyzer☆732Updated last year
- A wordlist of API names for web application assessments☆725Updated last year
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,657Updated 4 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆925Updated 2 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,185Updated this week
- Open Redirect Payloads☆571Updated 2 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆515Updated 6 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆635Updated 5 years ago
- 🎯 RFI/LFI Payload List☆527Updated 2 months ago
- ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.☆726Updated last year
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.☆1,192Updated 4 months ago
- Quick SQLMap Tamper Suggester☆1,329Updated 2 years ago
- Subdomain takeover vulnerability checker☆977Updated last week
- 🎯 Open Redirect Payload List☆509Updated 2 months ago
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆441Updated 4 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,188Updated 9 months ago
- ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )☆682Updated last year
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆771Updated last year