prjblk / wordpress-audit-automationLinks
Scripts to download every Wordpress plugin (updated in the last 2 years) and run Semgrep over the lot of it while storing output in a database.
☆75Updated 4 months ago
Alternatives and similar repositories for wordpress-audit-automation
Users that are interested in wordpress-audit-automation are comparing it to the libraries listed below
Sorting:
- The Template Injection Playground allows to test a large number of the most relevant template engines for template injection possibilitie…☆47Updated last month
- AI/LLM local model integration for analysis of reconftw results☆61Updated last month
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆134Updated 6 months ago
- SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.☆123Updated 4 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆105Updated last month
- ☆46Updated 3 months ago
- A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.☆40Updated 2 months ago
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆67Updated last week
- A Burp Suite extension that helps track and manage multiple sessions simultaneously by color-coding HTTP requests based on custom pattern…☆27Updated 7 months ago
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!☆150Updated 6 months ago
- ☆75Updated 11 months ago
- ☆184Updated 2 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆124Updated 2 months ago
- A collection of config files for linux focusing on hackthebox theme☆45Updated 6 months ago
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆66Updated last year
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆91Updated 10 months ago
- 🤖 LLM-powered agent for automated Google Dorking in bug hunting & pentesting.☆56Updated last month
- A list of all Active Directory machines from HackTheBox☆60Updated 2 weeks ago
- ai-based domain name generation☆93Updated 4 months ago
- A fast enumeration tool for publicly exposed Azure Storage blobs.☆97Updated 2 years ago
- FrogPost: postMessage Security Testing Tool☆80Updated last month
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆127Updated 2 years ago
- ☆171Updated 3 weeks ago
- Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc…☆68Updated 3 months ago
- A recon tool that uses ML to predict subdomains. Then returns those that resolve.☆96Updated 2 months ago
- ☆62Updated last year
- Everything and anything related to password spraying☆141Updated last year
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Updated last year
- This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer whil…☆54Updated 2 months ago
- The repository contains useful GitHub dorks for finding open-source vulnerabilities.☆80Updated last year