Detects request smuggling via HTTP/2 downgrades.
☆94Jul 30, 2022Updated 3 years ago
Alternatives and similar repositories for h2rs
Users that are interested in h2rs are comparing it to the libraries listed below
Sorting:
- A simple tool which makes creating nuclei templates even easier.☆37Jun 23, 2024Updated last year
- tool that generates bypasses for open redirects☆51Apr 18, 2022Updated 3 years ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Dec 4, 2021Updated 4 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- Nuclei Templates to reproduce Cracking the lens's Research☆132Jan 8, 2022Updated 4 years ago
- #JavascriptRecon #bugbounty☆21Aug 18, 2021Updated 4 years ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆35Aug 30, 2022Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆118Jun 17, 2023Updated 2 years ago
- Client Side Prototype Pollution Scanner☆522Sep 17, 2022Updated 3 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆519Jun 22, 2022Updated 3 years ago
- a Go code to detect leaks in JS files via regex patterns☆150Oct 20, 2021Updated 4 years ago
- WordPress Plugin Update Confusion☆67Dec 7, 2021Updated 4 years ago
- ☆73Nov 22, 2021Updated 4 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- ☆562Mar 27, 2025Updated 11 months ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- 🔭 Collection of regexp pattern for security passive scanning☆116Feb 18, 2023Updated 3 years ago
- Client-Side Prototype Pollution Tools☆87Sep 21, 2021Updated 4 years ago
- ☆12Feb 18, 2022Updated 4 years ago
- ☆75Feb 11, 2024Updated 2 years ago
- CLI tool that extracts a regex pattern from a list of urls ( Rust )☆61Sep 14, 2022Updated 3 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆50Updated this week
- goverview - Get an overview of the list of URLs☆142Dec 5, 2025Updated 3 months ago
- ☆38Aug 27, 2022Updated 3 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Jul 9, 2025Updated 7 months ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- ☆148Dec 23, 2022Updated 3 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆64Sep 3, 2022Updated 3 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆256Dec 8, 2021Updated 4 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆344Dec 31, 2024Updated last year
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆529Apr 23, 2025Updated 10 months ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Apr 5, 2021Updated 4 years ago
- ☆38Nov 27, 2020Updated 5 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago