omar2535 / GraphQLer
πA dependency-aware GraphQL API fuzzing tool
β120Updated this week
Related projects: β
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ95Updated 7 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β151Updated 3 weeks ago
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β127Updated last year
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β110Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ193Updated 4 months ago
- A GraphQL enumeration and extraction toolβ127Updated last year
- boostsecurityio/lotpβ97Updated 5 months ago
- GitHub Attack Toolkit - Extreme Editionβ151Updated this week
- Manager of third-party sources of Semgrep rules πβ74Updated last month
- Nuclei plugins to audit Chrome extensionsβ64Updated 2 months ago
- β108Updated last year
- β143Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ134Updated 3 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β250Updated 2 months ago
- β173Updated 6 months ago
- β115Updated last year
- gRPC-Web Pentesting Suite + Burp Suite Extensionβ159Updated 2 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.β182Updated last month
- Tools to assess DNS security.β146Updated 6 months ago
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representatiβ¦β84Updated last year
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ138Updated 3 years ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.β131Updated this week
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSONβ112Updated 5 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.β162Updated 4 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.β19Updated last month
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β38Updated 9 months ago
- β81Updated 2 months ago
- β οΈ Code for the Defcon Workshopβ20Updated last month
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)β37Updated last month
- AI-powered ffuf wrapperβ119Updated 3 weeks ago