nyancrimew / goop
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
β609Updated last year
Alternatives and similar repositories for goop:
Users that are interested in goop are comparing it to the libraries listed below
- An extension for checking if .git is exposed in visited websitesβ419Updated last week
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β877Updated 3 months ago
- Content-Type Researchβ612Updated last year
- β387Updated 3 years ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.β1,139Updated 8 months ago
- Making Favicon.ico based Recon Great again !β1,183Updated last year
- Tool to check for dependency confusion vulnerabilities in multiple package management systemsβ718Updated 8 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β971Updated 10 months ago
- a javascript change monitoring tool for bugbountiesβ638Updated 8 months ago
- Client Side Prototype Pollution Scannerβ518Updated 2 years ago
- Obtain GraphQL API schema even if the introspection is disabledβ1,165Updated 6 months ago
- Hidden parameters discovery suiteβ1,821Updated 7 months ago
- Electron JS Browser To Find XSS Vulnerabilities Automaticallyβ695Updated 4 years ago
- CORS Misconfiguration Scannerβ1,407Updated 2 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,062Updated this week
- Pull out bits of URLs provided on stdinβ1,160Updated last year
- β539Updated 3 weeks ago
- The most exhaustive list of reliable DNS resolvers.β763Updated this week
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)β1,468Updated last year
- Subdomain and target enumeration tool built for offensive security testingβ869Updated 10 months ago
- "Can I take over DNS?" β a list of DNS providers and how to claim vulnerable domains.β1,024Updated last month
- 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...β1,703Updated last year
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests aβ¦β330Updated 3 years ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β715Updated 2 years ago
- Free, libre, effective, and data-driven wordlists for all!β600Updated 3 years ago
- Golang client for querying SecurityTrails API dataβ552Updated last year
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filteringβ¦β1,413Updated this week
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β378Updated 3 years ago
- Open Redirection Analyzerβ775Updated 2 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β865Updated last year