secdec / attack-surface-detector-zap

Related projects ⓘ

Alternatives and complementary repositories for attack-surface-detector-zap

• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 11 months ago
• 0xbharath / slurp-old
  A tool to enumerate S3 buckets manually or via certstream
  ☆80Updated last year
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated last year
• disruptops / cred_scanner
  A simple file-based scanner to look for potential AWS access and secret keys in files
  ☆89Updated 8 months ago
• random-robbie / AWS-Scanner
  Scans a list of websites for Cloudfront or S3 Buckets
  ☆104Updated 2 years ago
• glen-mac / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆110Updated 5 years ago
• pentestgeek / burpcommander
  Ruby command-line interface to Burp Suite's REST API
  ☆59Updated 4 years ago
• RhinoSecurityLabs / Presentations
  A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.
  ☆37Updated 6 years ago
• michenriksen / bucketlist
  Amazon S3 bucket spelunking!
  ☆84Updated 7 years ago
• FishermansEnemy / bucket_finder
  Amazon bucket brute force tool
  ☆95Updated 11 years ago
• appsecco / using-docker-kubernetes-for-automating-appsec-and-osint-workflows
  Repository for all the workshop content delivered at nullcon X on 1st of March 2019
  ☆81Updated 5 years ago
• radicallyopensecurity / pentesting-scripts
  Scripts that we use for pentesting
  ☆41Updated 7 years ago
• EdOverflow / h1-cli
  A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
  ☆36Updated 6 years ago
• rojan-rijal / Pyrate
  Practice Web App written in python with some vulnerabilities.
  ☆34Updated 3 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆71Updated 4 years ago
• DefectDojo / Burp-Plugin
  A Burp plugin to export findings to DefectDojo
  ☆30Updated last year
• maK- / scanomaly-2years
  This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
  ☆47Updated 5 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 5 years ago
• craighays / bucketkicker
  Brute force AWS bucket finder
  ☆60Updated last year
• prevade / cloudjack
  Route53/CloudFront Vulnerability Assessment Utility
  ☆84Updated last year
• marco-lancini / docker_burp
  Burp as a Docker Container
  ☆59Updated 4 years ago
• bonkc / BugBountySubdomains
  Tools to gather subdomains from Bug Bounty programs
  ☆63Updated 6 years ago
• JR0ch17 / S3Cruze
  All-in-one AWS S3 bucket tool for pentesters.
  ☆70Updated 5 years ago
• koto / gitpillage
  Pillage a git repo found in an accessible web root
  ☆60Updated 13 years ago
• VirtueSecurity / aws-extender-cli
  AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi…
  ☆81Updated 4 years ago
• Ucnt / aws-s3-data-finder
  AWS S3 Sensitive Data Search
  ☆35Updated 2 years ago
• SmeegeSec / Burp-Importer
  Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
  ☆48Updated 4 years ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated last year
• ajinabraham / aws_security_tools
  Scripts and tools for AWS Pentest
  ☆51Updated 4 years ago
• gwen001 / actarus
  Actarus is a custom tool for bug bounty
  ☆75Updated 5 years ago