secdec / attack-surface-detector-cli

Related projects ⓘ

Alternatives and complementary repositories for attack-surface-detector-cli

• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 11 months ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated 2 years ago
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆48Updated last year
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• szski / shapeshifter
  GraphQL security testing tool
  ☆117Updated 2 years ago
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆84Updated last month
• dariusztytko / vhosts-sieve
  Searching for virtual hosts among non-resolvable domains
  ☆86Updated 4 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆168Updated 2 years ago
• PatrikFehrenbach / amass-tools
  ☆108Updated 4 years ago
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆124Updated 4 years ago
• lc / jenkinz
  jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.
  ☆66Updated 5 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆42Updated 9 months ago
• 0xbharath / slurp
  A blazing fast & feature rich Amazon S3 bucket enumerator.
  ☆94Updated 2 years ago
• nccgroup / CollaboratorPlusPlus
  ☆144Updated 2 years ago
• righettod / burp-piper-custom-scripts
  Custom scripts for the PIPER Burp extensions.
  ☆97Updated last year
• Cache-Money / chronorace
  ☆69Updated 2 years ago
• shivsahni / NSBrute
  Python utility to takeover domains vulnerable to AWS NS Takeover
  ☆85Updated last year
• PortSwigger / stepper
  A natural evolution of Burp Suite's Repeater tool
  ☆91Updated last year
• aress31 / openapi-parser
  Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …
  ☆194Updated 10 months ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆150Updated last year
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• craighays / bucketkicker
  Brute force AWS bucket finder
  ☆60Updated last year
• NotSoSecure / cloud-service-enum
  ☆232Updated 4 months ago
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆118Updated last year
• BBhacKing / jwt_secrets
  A list of "secrets" from JWT sample code and readme files.
  ☆51Updated 4 years ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆75Updated 4 years ago
• Abss0x7tbh / bass
  Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …
  ☆141Updated 7 months ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆133Updated 3 years ago
• michael1026 / trashcompactor
  ☆65Updated last year