A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
☆558Mar 6, 2023Updated 2 years ago
Alternatives and similar repositories for tracy
Users that are interested in tracy are comparing it to the libraries listed below
Sorting:
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆469Nov 14, 2019Updated 6 years ago
- Probe a rendering engine for vulnerabilities and other features☆367Oct 13, 2021Updated 4 years ago
- ZIP File Raider - Burp Extension for ZIP File Payload Testing☆72Aug 31, 2020Updated 5 years ago
- Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.☆749Apr 12, 2022Updated 3 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- This tool can be used to brute discover GET and POST parameters☆1,393Aug 24, 2019Updated 6 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- A Tool for Domain Flyovers☆5,906May 22, 2022Updated 3 years ago
- Fast directory scanning and scraping tool☆630Feb 5, 2026Updated 3 weeks ago
- ☆2,316Dec 8, 2023Updated 2 years ago
- Automated HTTP Request Repeating With Burp Suite☆890Dec 15, 2021Updated 4 years ago
- rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments☆250Oct 15, 2019Updated 6 years ago
- This tool downloads, installs, and configures a shiny new copy of Chromium.☆471Apr 3, 2024Updated last year
- StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile ap…☆867Apr 27, 2021Updated 4 years ago
- DOM XSS scanner for Single Page Applications☆415Nov 15, 2025Updated 3 months ago
- DNS Rebinding Exploitation Framework☆493Apr 27, 2021Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- Improved decoder for Burp Suite☆138Aug 30, 2021Updated 4 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,130Dec 16, 2024Updated last year
- Automated blind-xss search for Burp Suite☆285Oct 10, 2019Updated 6 years ago
- ☆31Apr 6, 2021Updated 4 years ago
- A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)☆655Dec 17, 2021Updated 4 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆550Jun 12, 2017Updated 8 years ago
- Content hijacking proof-of-concept using Flash, PDF and Silverlight☆384May 16, 2019Updated 6 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆667Feb 25, 2021Updated 5 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆736May 4, 2019Updated 6 years ago
- Frontpage and Sharepoint fingerprinting and attack tool.☆284Aug 8, 2021Updated 4 years ago
- A Burp Extension designed to identify argument injection vulnerabilities.☆122Apr 16, 2019Updated 6 years ago
- Extracting URLs of a specific target based on the results of "commoncrawl.org"☆275Dec 4, 2025Updated 2 months ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆154Feb 15, 2021Updated 5 years ago