nullenc0de / Cognitohunter
A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter specializes in dissecting AWS Cognito implementations and performing advanced credential-to-session conversions.
☆20Updated 2 months ago
Alternatives and similar repositories for Cognitohunter:
Users that are interested in Cognitohunter are comparing it to the libraries listed below
- ☆26Updated last week
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆70Updated 3 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated 3 weeks ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 7 months ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- Exploit for Symfony CVE-2024-50340 (forked eos)☆28Updated 4 months ago
- Bcheck scripts for Burp☆25Updated 7 months ago
- ☆60Updated 2 years ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆53Updated 5 months ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆50Updated last month
- ☆27Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scripts☆31Updated last year
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆39Updated last year
- ElasticSearch exploit and Pentesting guide for penetration tester☆26Updated 2 years ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆44Updated 9 months ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated 4 months ago
- Web cache poisoning vulnerability scanner.☆65Updated 2 years ago
- vīlicus is a bug bounty api dashboard☆40Updated last year
- tool that generates bypasses for open redirects☆52Updated 2 years ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆39Updated 4 months ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆29Updated 6 months ago
- ☆25Updated 2 years ago
- ☆26Updated 2 years ago
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Updated last year
- A Burp extension to help pentesters copy requests / responses for reports.☆38Updated 3 months ago
- NotSoCereal: A Deserialization exploit playground☆51Updated 3 years ago
- ☆17Updated last year
- Template Nuclei SSTI☆29Updated last year
- Scanner for Cross-Site WebSocket Hijacking☆42Updated 4 years ago