rfc-st / humble
A humble, and ๐ณ๐ฎ๐๐, security-oriented HTTP headers analyzer.
โ261Updated last week
Related projects โ
Alternatives and complementary repositories for humble
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applicโฆโ448Updated 7 months ago
- Search for sensitive data in Postman public library.โ185Updated 3 months ago
- A Powerful Network Reconnaissance Tool for Security Professionalsโ94Updated 3 months ago
- Web Security Scannerโ306Updated 5 months ago
- hauditor is a tool designed to analyze the security headers returned by a web page.โ164Updated 4 months ago
- Control Your Infrastructure, Scale Your ScanningโOn Your Terms. Easily distribute arbitrary binaries and scripts using any of our eight sโฆโ233Updated this week
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines foโฆโ305Updated 6 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/oโฆโ387Updated this week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for cโฆโ380Updated 3 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesโ196Updated last month
- Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targetsโ142Updated this week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.โ526Updated 3 weeks ago
- DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.โ152Updated 3 months ago
- OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.โ170Updated 7 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensโ138Updated 3 weeks ago
- HTTP 403 bypass toolโ469Updated 7 months ago
- โ193Updated 5 months ago
- AI-powered ffuf wrapperโ266Updated 2 months ago
- TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in youโฆโ255Updated 2 months ago
- โ442Updated 6 months ago
- Websec interview questions by tib3rius answeredโ301Updated 11 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scenaโฆโ131Updated 2 months ago
- SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.โ71Updated 2 weeks ago
- Dredging up secrets from the depths of the file systemโ116Updated this week
- The Internets #1 Subdomain Takeover Toolโ227Updated last month
- Gourlex is a simple tool that can be used to extract URLs and paths from web pages.โ180Updated 7 months ago
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and โฆโ303Updated last week
- An uber fast and simple subdomain enumeration tool using DNS and web requests with support for detecting wildcard DNS records.โ170Updated 6 months ago
- A streamlined tool for discovering TLDs, associated domains, and related domain names.โ140Updated this week