shiblisec / Kyubi
A tool to discover and exploit Nginx alias traversal misconfiguration, the tool can bruteforce the URL path recursively to find out hidden files and directories.
☆111Updated 11 months ago
Related projects ⓘ
Alternatives and complementary repositories for Kyubi
- Small tool to automate SSRF wordpress and XMLRPC finder☆80Updated last year
- Simple fork from degoogle original project with bug hunting purposes☆85Updated 2 years ago
- Striping CDN IPs from a list of IP Addresses☆74Updated 2 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆102Updated 2 years ago
- A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)☆118Updated 2 years ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆117Updated 2 years ago
- Find sensitive information using dorks from different search-engines.☆86Updated 2 weeks ago
- Enumerate Subdomains Through Google Dorks☆122Updated 3 years ago
- A command-line utility designed to help you discover subdomains for a given domain in a simple, efficient way. It works by gathering info…☆105Updated 3 weeks ago
- Apache Tomcat exploit and Pentesting guide for penetration tester☆54Updated 2 years ago
- Prototype Pollution Scanner☆101Updated 3 years ago
- ☆68Updated last year
- Talosplus is a fast and robust template based Intelligent automation framework primarily developed for Bug Bounty Automation☆85Updated last year
- A tool that automates the search for IDOR vulnerabilities in web apps and APIs☆50Updated 3 years ago
- My personal collection of nuclei templates made for fuzzing.☆25Updated 2 months ago
- The scripts I write to help me on my bug bounty hunting☆120Updated 2 years ago
- ☆86Updated 3 years ago
- A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…☆160Updated 7 months ago
- A reverse whois tool based on Whoxy API.☆158Updated 7 months ago
- Print the IP addresses in a given range☆46Updated 4 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆289Updated last month
- A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.☆75Updated 2 years ago
- Create your own recon & vulnerability scanner with Trickest and GitHub☆49Updated last year
- This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Research☆42Updated last year
- Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities☆110Updated last year
- Subdomains enumeration, various scans and testing of some vulnerabilities.☆75Updated 5 months ago
- ☆145Updated last year
- Describe how to use ffuf different options with examples☆80Updated last year