riramar / h2rs
Detects request smuggling via HTTP/2 downgrades.
☆92Updated 2 years ago
Alternatives and similar repositories for h2rs:
Users that are interested in h2rs are comparing it to the libraries listed below
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆131Updated 4 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- ☆95Updated 3 years ago
- Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.☆110Updated 3 years ago
- ☆94Updated 3 years ago
- Script to test open Akamai ARL vulnerability.☆71Updated 3 years ago
- ☆93Updated 4 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆119Updated last year
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Updated 4 years ago
- Modified Nuclei Templates Version to FUZZ Host Header☆49Updated 3 years ago
- ☆87Updated 3 years ago
- ☆71Updated last year
- The project aims at creating target-specific wordlists for any web application that you are testing.☆65Updated 2 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆36Updated 2 years ago
- Extract JavaScript files from burp suite project with ease.☆88Updated 3 years ago
- nuclei-bb-templates☆49Updated 2 years ago
- Burp Bounty profiles☆82Updated 3 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆96Updated 4 years ago
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 3 years ago
- ☆70Updated 3 years ago
- Prototype Pollution Scanner☆115Updated 4 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆105Updated 3 years ago
- Dump all available paths and/or endpoints on WADL file.☆93Updated 2 weeks ago
- goverview - Get an overview of the list of URLs☆143Updated last year
- ☆65Updated 2 years ago
- Check AWS S3 instances for read/write/delete access☆120Updated 3 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆121Updated 3 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆158Updated last year
- 🔭 Collection of regexp pattern for security passive scanning☆115Updated 2 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 years ago