swisskyrepo / Vulny-Code-Static-Analysis
Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
☆398Updated 2 years ago
Alternatives and similar repositories for Vulny-Code-Static-Analysis:
Users that are interested in Vulny-Code-Static-Analysis are comparing it to the libraries listed below
- Another web vulnerabilities scanner, this extension works on Chrome and Opera☆452Updated 5 years ago
- Open Redirect Payloads☆594Updated 3 months ago
- fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion b…☆525Updated 2 years ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆539Updated 2 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆349Updated 6 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆393Updated 5 months ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆522Updated last year
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆684Updated last year
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆522Updated 6 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆252Updated last year
- Herramienta para evadir disable_functions y open_basedir☆401Updated last year
- Exploitation for XSS☆708Updated 3 years ago
- Correlated injection proxy tool for XSS Hunter☆251Updated 2 years ago
- Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).☆374Updated 5 years ago
- Content discovery wordlists generated using BigQuery☆562Updated 4 years ago
- A Powerful Subdomain Takeover Tool☆939Updated last year
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆448Updated 5 years ago
- simple script to extract all web resources by means of .SVN folder exposed over network.☆452Updated 11 months ago
- A collection of templates for bug bounty reporting☆387Updated 3 years ago
- Payloads for CRLF Injection☆221Updated 3 months ago
- A pentesting tool that dumps the source code from .git even when the directory traversal is disabled☆218Updated 2 years ago
- Repository for hosting my research papers☆505Updated 9 months ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆638Updated 5 years ago
- This repository created for personal use and added tools from my latest blog post.☆349Updated 2 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆382Updated last year
- Finds unknown classes of injection vulnerabilities☆643Updated last year
- SSRF testing tool☆243Updated 2 years ago
- ☆260Updated 5 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.☆267Updated 3 years ago
- 🎯 Open Redirect Payload List☆551Updated 6 months ago