r0oth3x49 / ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
β2,945Updated 3 weeks ago
Related projects: β
- Rockyou for web fuzzingβ2,547Updated 3 weeks ago
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β3,598Updated 2 weeks ago
- A simple script just made for self use for bypassing 403β1,627Updated 3 months ago
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ2,461Updated 2 months ago
- An XSS exploitation command-line interface and payload generator.β1,233Updated last month
- 403/401 Bypass Methods + Bash Automation + Your Support ;)β1,122Updated 2 years ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript filesβ1,960Updated 3 months ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β3,870Updated 3 weeks ago
- An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!β1,519Updated 6 months ago
- NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applicationsβ1,236Updated this week
- Automatic SSRF fuzzer and exploitation toolβ2,937Updated 3 months ago
- Top disclosed reports from HackerOneβ3,720Updated 2 weeks ago
- Automated & Manual Wordlists provided by Assetnoteβ1,284Updated last month
- A cheat sheet that contains advanced queries for SQL Injection of all types.β2,798Updated last year
- Fetch all the URLs that the Wayback Machine knows about for a domainβ3,435Updated 4 months ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScript�β1,362Updated 3 months ago
- Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)β2,933Updated 2 months ago
- Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.β1,433Updated 6 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β5,595Updated last week
- HTTP parameter discovery suite.β5,122Updated 2 months ago
- Quickly discover exposed hosts on the internet using multiple search engines.β2,374Updated this week
- An OOB interaction gathering server and client libraryβ3,319Updated this week
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entβ¦β1,663Updated 2 weeks ago
- Take a list of domains and probe for working HTTP and HTTPS serversβ2,821Updated 2 months ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β4,609Updated last week
- A collection of awesome one-liner scripts especially for bug bounty tips.β2,628Updated last month
- An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.β2,611Updated 3 weeks ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§β1,680Updated 3 months ago
- Real-world infosec wordlists, updated regularlyβ1,350Updated this week
- Check your WAF before an attacker doesβ1,244Updated last week