owasp-noir / noirLinks
Attack surface detector that identifies endpoints by static analysis
☆712Updated last week
Alternatives and similar repositories for noir
Users that are interested in noir are comparing it to the libraries listed below
Sorting:
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆659Updated 2 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆642Updated last year
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆421Updated 5 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆871Updated last year
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆342Updated last year
- ☆461Updated 5 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆320Updated 5 months ago
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆450Updated last year
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆358Updated last month
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆877Updated 2 years ago
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.☆240Updated 4 months ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,574Updated last year
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbit…☆523Updated 2 weeks ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆71Updated last year
- Golang client for querying SecurityTrails API data☆561Updated last year
- Fast and customizable subdomain wordlist generator using DSL☆821Updated 2 months ago
- ProjectDiscovery's Open Source Tool Manager☆875Updated 3 weeks ago
- Discover new target domains using Content Security Policy☆447Updated this week
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆939Updated last week
- Black box fuzzer for web applications☆427Updated 11 months ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,117Updated 2 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆982Updated last week
- Vulnerability Scan with Nuclei☆255Updated 7 months ago
- Find subdomains with GPT, for free☆348Updated last year
- ☆293Updated 10 months ago
- Open Redirection Analyzer☆788Updated 2 years ago
- oneliner commands for bug bounties☆444Updated 2 years ago
- 🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the c…☆212Updated 2 years ago
- ☆205Updated last year
- Small tool to Grab subdomains using Shodan api.☆466Updated 7 months ago