shiblisec / KyubiLinks
A tool to discover and exploit Nginx alias traversal misconfiguration, the tool can bruteforce the URL path recursively to find out hidden files and directories.
☆125Updated last year
Alternatives and similar repositories for Kyubi
Users that are interested in Kyubi are comparing it to the libraries listed below
Sorting:
- Enumerate Subdomains Through Google Dorks (Bypassed Page Filter)☆124Updated 2 months ago
- A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…☆162Updated last year
- Small tool to automate SSRF wordpress and XMLRPC finder☆81Updated 2 years ago
- A reverse whois tool based on Whoxy API.☆166Updated last year
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆105Updated 3 years ago
- Find subdomains on GitLab.☆101Updated last year
- Find sensitive information using dorks from different search-engines.☆90Updated 8 months ago
- A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)☆120Updated 3 years ago
- Describe how to use ffuf different options with examples☆88Updated 2 years ago
- A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…☆111Updated this week
- ☆68Updated 2 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Updated 9 months ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆129Updated 3 years ago
- Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own☆74Updated last year
- Striping CDN & WAF IPs from a list of IP Addresses☆80Updated last month
- HTTP verb tampering & methods enumeration☆59Updated 3 years ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆62Updated last year
- Apache Tomcat exploit and Pentesting guide for penetration tester☆60Updated 2 years ago
- Simple fork from degoogle original project with bug hunting purposes☆89Updated 3 years ago
- ☆159Updated 2 years ago
- ☆68Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆140Updated last year
- Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search…☆114Updated 3 years ago
- My personal collection of nuclei templates made for fuzzing.☆27Updated 9 months ago
- ☆74Updated last year
- A tool that automates the search for IDOR vulnerabilities in web apps and APIs☆61Updated 4 years ago
- Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare☆59Updated 2 years ago
- ☆55Updated 2 years ago
- The scripts I write to help me on my bug bounty hunting☆121Updated 3 years ago
- Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi☆41Updated 3 years ago