shiblisec / Kyubi
A tool to discover and exploit Nginx alias traversal misconfiguration, the tool can bruteforce the URL path recursively to find out hidden files and directories.
☆117Updated last year
Alternatives and similar repositories for Kyubi:
Users that are interested in Kyubi are comparing it to the libraries listed below
- A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…☆160Updated 9 months ago
- Find subdomains on GitLab.☆92Updated 8 months ago
- ☆70Updated 2 years ago
- A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.☆75Updated 2 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆80Updated 2 years ago
- Simple fork from degoogle original project with bug hunting purposes☆88Updated 2 years ago
- Apache Tomcat exploit and Pentesting guide for penetration tester☆56Updated 2 years ago
- A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)☆118Updated 2 years ago
- Enumerate Subdomains Through Google Dorks☆123Updated 3 years ago
- Striping CDN IPs from a list of IP Addresses☆74Updated 2 years ago
- Save your dorking results to the terminal. A modified version of TomNomNom's amazing tool!☆84Updated 11 months ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆121Updated 2 years ago
- Prototype Pollution Scanner☆105Updated 3 years ago
- Create your own recon & vulnerability scanner with Trickest and GitHub☆49Updated last year
- Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using…☆147Updated last year
- A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…☆107Updated 3 weeks ago
- My personal collection of nuclei templates made for fuzzing.☆27Updated 4 months ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆103Updated 2 years ago
- Execute Trickest workflows right from your terminal☆87Updated this week
- simple recon tool to help you for searching vulnerability on web server☆72Updated this week
- Find sensitive information using dorks from different search-engines.☆87Updated 2 months ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆42Updated 10 months ago
- XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for au…☆60Updated 2 years ago
- Python tool to test known techniques to bypass 403 and 401 HTTP responses.☆35Updated last year
- ☆87Updated 3 years ago
- Serpscan is a powerfull php script designed to allow you to leverage the power of dorking straight from the comfort of your command line.☆65Updated 3 years ago
- ☆61Updated 5 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Updated 2 years ago