mzfr / liffy
Local file inclusion exploitation tool
☆793Updated last year
Related projects ⓘ
Alternatives and complementary repositories for liffy
- Tool to help exploit XXE vulnerabilities☆542Updated last year
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,109Updated 3 weeks ago
- Making Favicon.ico based Recon Great again !�☆1,128Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆946Updated 2 years ago
- A fuzzer for detecting open redirect vulnerabilities☆713Updated 4 months ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆696Updated last year
- Automation for javascript recon in bug bounty.☆901Updated last year
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆671Updated last year
- Open Redirection Analyzer☆753Updated last year
- A Powerful Subdomain Takeover Tool☆932Updated last year
- 🎯 RFI/LFI Payload List☆538Updated 4 months ago
- 🎯 Open Redirect Payload List☆533Updated 4 months ago
- Subdomain takeover vulnerability checker☆1,065Updated 2 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,680Updated 6 months ago
- Generates combination of domain names from the provided input.☆901Updated 5 months ago
- A wordlist of API names for web application assessments☆761Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,218Updated 2 months ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆778Updated last year
- Accept URLs on stdin, replace all query string values with a user-supplied value☆768Updated 2 years ago
- A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.☆875Updated 11 months ago
- Burp plugin able to find reflected XSS on page in real-time while browsing on site☆1,133Updated 3 years ago
- Fetches javascript file from a list of URLS or subdomains.☆740Updated last year
- Heuristic Vulnerable Parameter Scanner☆572Updated 10 months ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆639Updated 5 years ago
- Content discovery wordlists generated using BigQuery☆558Updated 4 years ago
- A fast DOM based XSS vulnerability scanner with simplicity.☆771Updated 2 years ago
- fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion b…☆521Updated 2 years ago
- XSS payloads designed to turn alert(1) into P1☆1,341Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆614Updated 9 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆936Updated 4 months ago