nccgroup / wssip

Related projects: ⓘ

• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆479Updated 3 years ago
• intrepidusgroup / mallory
  Mallory - MiTM TCP and UDP Proxy
  ☆313Updated 2 years ago
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆364Updated 2 years ago
• brannondorsey / dns-rebind-toolkit
  A front-end JavaScript toolkit for creating DNS rebinding attacks.
  ☆482Updated 2 years ago
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆552Updated last year
• mandatoryprogrammer / JudasDNS
  Nameserver DNS poisoning attacks made easy
  ☆515Updated 7 years ago
• sensepost / mallet
  Mallet is an intercepting proxy for arbitrary protocols
  ☆258Updated 3 months ago
• dxa4481 / cssInjection
  Stealing CSRF tokens with CSS injection (without iFrames)
  ☆315Updated 6 years ago
• brannondorsey / whonow
  A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
  ☆619Updated 2 years ago
• franccesco / getaltname
  Extract subdomains from SSL certificates in HTTPS sites.
  ☆364Updated 3 weeks ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆393Updated 4 years ago
• andresriancho / race-condition-exploit
  Tool to help with the exploitation of web application race conditions
  ☆178Updated 6 years ago
• bugbountyforum / XSS-Radar
  ☆317Updated 6 years ago
• orangetw / Tiny-URL-Fuzzer
  A tiny and cute URL fuzzer
  ☆386Updated last year
• chris408 / ct-exposer
  An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
  ☆465Updated 2 years ago
• pathetiq / BurpSmartBuster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆382Updated 3 years ago
• pownjs / pown
  Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.
  ☆259Updated last year
• rmikehodges / hideNsneak
  a CLI for ephemeral penetration testing
  ☆7Updated 4 years ago
• skepticfx / hookish
  Hooks in to interesting functions and helps reverse the web app faster.
  ☆162Updated last week
• fcavallarin / htcap
  htcap is a web application scanner able to crawl single page application (SPA) recursively by intercepting ajax calls and DOM changes.
  ☆610Updated 2 years ago
• allfro / BurpKit
  Next-gen BurpSuite penetration testing tool
  ☆454Updated 8 years ago
• 0x4D31 / burpa
  Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…
  ☆480Updated 6 years ago
• lightbulb-framework / lightbulb-framework
  Tools for auditing WAFS
  ☆456Updated 3 years ago
• ZephrFish / DockerAttack
  Various Tools and Docker Images
  ☆277Updated 6 years ago
• RhinoSecurityLabs / SleuthQL
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆464Updated 4 years ago
• ewilded / psychoPATH
  psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…
  ☆270Updated 3 years ago
• mandatoryprogrammer / TrustTrees
  A Tool for DNS Delegation Trust Graphing
  ☆401Updated last year
• yandex / burp-molly-scanner
  Turn your Burp suite into headless active web application vulnerability scanner
  ☆154Updated 6 years ago
• ctxis / beemka
  Basic Electron Exploitation
  ☆201Updated 4 years ago