nullenc0de / Cognitohunter
A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter specializes in dissecting AWS Cognito implementations and performing advanced credential-to-session conversions.
☆20Updated 2 months ago
Alternatives and similar repositories for Cognitohunter:
Users that are interested in Cognitohunter are comparing it to the libraries listed below
- ☆30Updated 2 weeks ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated last month
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆71Updated 3 years ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 7 months ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- ☆62Updated 2 years ago
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆29Updated 2 years ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆28Updated 4 months ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆50Updated last month
- Bcheck scripts for Burp☆27Updated 8 months ago
- ☆27Updated 2 years ago
- ☆25Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scripts☆31Updated last year
- vīlicus is a bug bounty api dashboard☆40Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated 5 months ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆39Updated last year
- tool that generates bypasses for open redirects☆52Updated 3 years ago
- ☆26Updated 2 years ago
- My talks...☆24Updated last month
- ElasticSearch exploit and Pentesting guide for penetration tester☆26Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆65Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆49Updated last year
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆53Updated 5 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated last year
- NotSoCereal: A Deserialization exploit playground☆52Updated 3 years ago
- ☆56Updated 11 months ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated 9 months ago
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Updated last year
- Hunt SSL Certificates for interesting keywords on major cloud service providers / internet☆39Updated last month
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Updated last year