ngalongc/openapi_security_scanner

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ngalongc/openapi_security_scanner)

ngalongc / openapi_security_scanner

☆172

Alternatives and similar repositories for openapi_security_scanner

Users that are interested in openapi_security_scanner are comparing it to the libraries listed below

Sorting:

Static-Flow / BurpSuiteAutoRepeaterNaming
View on GitHub
This extension replaces the default repeater tab name with the URL path of the repeater request.
☆24Sep 3, 2021Updated 4 years ago
honoki / bbrf-client
View on GitHub
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
☆642Jul 7, 2025Updated 7 months ago
ghsec / ghsec-jaeles-signatures
View on GitHub
Signatures for jaeles scanner by @j3ssie
☆117Apr 20, 2024Updated last year
filedescriptor / untrusted-types
View on GitHub
☆695Jul 4, 2022Updated 3 years ago
ayoubfathi / leaky-paths
View on GitHub
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
☆1,024Feb 22, 2026Updated last week
defparam / h1stats
View on GitHub
a tool that compiles a csv of all h1 program stats
☆49Jul 2, 2023Updated 2 years ago
hahwul / can-i-protect-xss
View on GitHub
Everything about xss protection technology
☆14Oct 22, 2019Updated 6 years ago
ameenmaali / qsfuzz
View on GitHub
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
☆303Feb 12, 2023Updated 3 years ago
dwisiswant0 / wadl-dumper
View on GitHub
Dump all available paths and/or endpoints on WADL file.
☆98Nov 24, 2025Updated 3 months ago
D4Vinci / CWFF
View on GitHub
Create your Custom Wordlist For Fuzzing
☆201Oct 14, 2024Updated last year
danielthatcher / smuggles
View on GitHub
An HTTP request smuggling scanner designed to work at scale
☆25Oct 2, 2022Updated 3 years ago
0xcoyote / FFmpeg-HLS-SSRF
View on GitHub
Server and avi file to exploit FFmpeg HLS parse
☆22Jun 26, 2019Updated 6 years ago
codingo / bbr
View on GitHub
An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
☆217Nov 3, 2020Updated 5 years ago
BlackFan / cspp-tools
View on GitHub
Client-Side Prototype Pollution Tools
☆87Sep 21, 2021Updated 4 years ago
BonJarber / SecUtils
View on GitHub
Random utilities from my security projects that might be useful to others
☆183Jan 26, 2025Updated last year
iangcarroll / cookiemonster
View on GitHub
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
☆967Jan 10, 2025Updated last year
R0X4R / Garud
View on GitHub
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…
☆802Jul 4, 2023Updated 2 years ago
optiv / mobile-nuclei-templates
View on GitHub
☆436Jun 1, 2021Updated 4 years ago
nikitastupin / clairvoyance
View on GitHub
Obtain GraphQL API schema even if the introspection is disabled
☆1,396Dec 5, 2025Updated 2 months ago
assetnote / blind-ssrf-chains
View on GitHub
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
☆953Dec 31, 2021Updated 4 years ago
BonJarber / fresh-resolvers
View on GitHub
List of fresh DNS resolvers updated daily
☆107Feb 9, 2023Updated 3 years ago
assetnote / kiterunner
View on GitHub
Contextual Content Discovery Tool
☆3,096Apr 29, 2024Updated last year
cloudchefs / openapi-security-scanner
View on GitHub
Identify vulnerabilities in your API's using the OpenAPI Security Scanner
☆12Dec 6, 2018Updated 7 years ago
BlackFan / client-side-prototype-pollution
View on GitHub
Prototype Pollution and useful Script Gadgets
☆1,584Jan 27, 2024Updated 2 years ago
neex / http2smugl
View on GitHub
☆562Mar 27, 2025Updated 11 months ago
codingo / DNSCewl
View on GitHub
A DNS Bruteforcing Wordlist Generator
☆362Feb 22, 2023Updated 3 years ago
random-robbie / bruteforce-lists
View on GitHub
Some files for bruteforcing certain things.
☆1,399Feb 18, 2026Updated last week
KathanP19 / protoscan
View on GitHub
Prototype Pollution Scanner
☆139Apr 11, 2021Updated 4 years ago
assetnote / batchql
View on GitHub
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
☆406Dec 24, 2022Updated 3 years ago
obheda12 / GitDorker
View on GitHub
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
☆2,489Aug 3, 2024Updated last year
ameenmaali / whoareyou
View on GitHub
whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)
☆32Jun 15, 2020Updated 5 years ago
wdahlenburg / VhostFinder
View on GitHub
Identify virtual hosts by similarity comparison
☆137Aug 12, 2024Updated last year
fransr / postMessage-tracker
View on GitHub
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
☆1,293Jan 26, 2024Updated 2 years ago
random-robbie / rb-recon
View on GitHub
☆13Feb 14, 2022Updated 4 years ago
honoki / tools
View on GitHub
A collection of simple tools and poc-builders
☆39Jul 22, 2025Updated 7 months ago
Senanfurkan / Chaos-Recon
View on GitHub
This little script for gathering chaos.projectdiscovery.io recon data in an organized way and finding the daily differences on it
☆18Aug 9, 2020Updated 5 years ago
msrkp / PPScan
View on GitHub
Client Side Prototype Pollution Scanner
☆523Sep 17, 2022Updated 3 years ago
Josue87 / roboxtractor
View on GitHub
Extract endpoints marked as disallow in robots files to generate wordlists.
☆58Mar 2, 2022Updated 4 years ago
Raz0r / aemscan
View on GitHub
Adobe Experience Manager Vulnerability Scanner
☆186May 22, 2023Updated 2 years ago