solo10010 / reconWTF

Related projects: ⓘ

• JoshMorrison99 / isXSS-Burp
  Passively check for XSS character encodings
  ☆20Updated last year
• leetIbrahim / JSNotify
  ☆18Updated 10 months ago
• rivalsec / pathbuster
  PathBuster - multiple hosts Web path scanner
  ☆21Updated 3 months ago
• topscoder / nuclei-zero-day
  This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.
  ☆13Updated 3 months ago
• darklotuskdb / SSTI-XSS-Finder
  XSS Finder Via SSTI
  ☆54Updated last year
• SirBugs / JsValidator
  JsValidator is a tool created for validating the JS files after crawlling it from waybackurls
  ☆17Updated last year
• Sybil-Scan / TLDbrute
  A simple utility to generate domain names with all possible TLDs
  ☆23Updated last year
• HernanRodriguez1 / ScanMySQLiErrorBased-Nuclei
  ☆21Updated 2 years ago
• LeDoubleTake / nuclei-templates
  List of custom Nuclei templates
  ☆15Updated 10 months ago
• aliyugombe / reflector
  ☆13Updated last year
• 0xPugal / bugbounty_profile
  Automate bug bounty recon using bash alias
  ☆14Updated last month
• faiyazahmad07 / SSTI_DETECTOR
  This tool allows you to find ssti vulnerability with ease!
  ☆17Updated 2 years ago
• zeronine9 / Blind_SPOT
  Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI
  ☆27Updated 3 years ago
• 0xKayala / JaelesFuzzer
  JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
  ☆11Updated 4 months ago
• YazeedOliwah / reconX
  ☆16Updated this week
• gwen001 / detectify-cves
  Find CVEs that don't have a Detectify modules.
  ☆21Updated last year
• aqeisi / WP-RestScan
  Scan Wordpress Servers for Access Control Issues
  ☆10Updated last year
• BrownBearSec / Utils-and-Wrappers
  A repo for tools, utils, and wrappers that are to small to put in their own repo.
  ☆23Updated last year
• SirBugs / subguess
  Generating Sub-Sub-Subdomain + validating all of them
  ☆9Updated last year
• rix4uni / xsschecker
  xsschecker tool checking reflected endpoints finding possible xss vulnerable endpoints.
  ☆19Updated last month
• Ravaan21 / Chandrahasa
  A solid recon tool I use personally.
  ☆31Updated last year
• aaditya2098 / noobstuffs
  Xss payload for bypassing waf
  ☆13Updated 4 years ago
• akshaysharma016 / aem-detector
  ☆21Updated last year
• bp0lr / myGF_patterns
  ☆19Updated 3 years ago
• ethicalhackingplayground / erebus-templates
  Community curated list of templates for the erebus engine to find security vulnerabilities.
  ☆16Updated 3 years ago
• h0tak88r / nuclei_templates
  Collection of templates from various resources
  ☆18Updated 2 months ago
• PushpenderIndia / Log4jScanner
  Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.
  ☆39Updated 2 years ago
• siratsami / crsbf
  Brute Force subdomains with a list of custom DNS records.
  ☆13Updated last year
• danilmor / All-in-Fuzzer
  All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body
  ☆20Updated 5 months ago
• evanRubinsteinIT / BugBounty-Oneliners
  ☆24Updated this week