santoru / shcheck
A basic tool to check security headers of a website
☆571Updated 6 months ago
Alternatives and similar repositories for shcheck:
Users that are interested in shcheck are comparing it to the libraries listed below
- Check any website (or set of websites) for insecure security headers.☆244Updated last year
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆682Updated last year
- Subdomain and target enumeration tool built for offensive security testing☆844Updated 7 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆464Updated last year
- VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, i…☆454Updated this week
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,167Updated this week
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,733Updated 3 months ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,650Updated this week
- Web vulnerability scanner written in Python3☆1,287Updated last month
- A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.☆394Updated last month
- DotDotPwn - The Directory Traversal Fuzzer☆1,009Updated 2 years ago
- A default credential scanner.☆1,460Updated 3 years ago
- Subdomain Takeover tool written in Go☆1,931Updated last year
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering…☆1,360Updated this week
- A tool to link a domain with registered organisation names and emails, to other domains.☆833Updated 8 months ago
- Subdomain takeover vulnerability checker☆1,125Updated 4 months ago
- Awesome cloud enumerator☆945Updated 5 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆265Updated last year
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆950Updated 2 months ago
- Security Auditor Utility for GraphQL APIs☆409Updated this week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆575Updated 2 months ago
- Burp plugin able to find reflected XSS on page in real-time while browsing on site☆1,140Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,880Updated last year
- A wordlist of API names for web application assessments☆777Updated 2 years ago
- Fast HTTP enumerator☆463Updated last month
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆782Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆953Updated 3 years ago
- Vulnerability assessment and penetration testing automation and reporting platform for teams.☆440Updated last month
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆938Updated last week
- A Nmap XSL implementation with Bootstrap.☆937Updated last year