synack / wstgLinks
The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
☆31Updated last month
Alternatives and similar repositories for wstg
Users that are interested in wstg are comparing it to the libraries listed below
Sorting:
- The project aims at creating target-specific wordlists for any web application that you are testing.☆66Updated 3 years ago
- ☆67Updated 3 years ago
- A reverse whois tool based on Whoxy API.☆167Updated last year
- A blazing fast & feature rich Amazon S3 bucket enumerator.☆98Updated 3 years ago
- A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate☆212Updated last year
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Updated 4 years ago
- xss development frameworks, with the goal of making payload writing easier.☆151Updated last year
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Updated 4 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆81Updated 2 years ago
- HTTP parameter discovery suite.☆63Updated 5 years ago
- List of fresh DNS resolvers updated daily☆108Updated 2 years ago
- ☆61Updated last year
- ASN reconnaissance script☆133Updated last year
- ☆41Updated 4 months ago
- Prototype Pollution Scanner☆128Updated 4 years ago
- Vulnerable SAML infrastructure training applicaiton☆54Updated 2 years ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆61Updated 2 years ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆163Updated 3 years ago
- s3 brute force tool☆45Updated 4 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆97Updated 4 years ago
- A combined wordlists for files and directory discovery☆126Updated 4 years ago
- DNS and Target HTTP History Local Storage and Search☆64Updated 4 years ago
- Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search…☆115Updated 4 years ago
- A quick ‘n dirty nmap parser written in Golang to convert nmap xml to IP:Port notation.☆130Updated last year
- Prototype pollution scanner using headless chrome☆219Updated 3 years ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆99Updated 4 years ago
- A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities☆105Updated 4 years ago
- Clientside vulnerability / reflected xss fuzzer☆149Updated 2 years ago
- Detectify Crowdsource Challenge☆70Updated 3 years ago
- Extract JavaScript files from burp suite project with ease.☆97Updated 3 years ago