sysdig / wafer
☆189Updated 3 months ago
Related projects: ⓘ
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆297Updated 4 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆477Updated this week
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆223Updated 8 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆151Updated 3 weeks ago
- Local File Inclusion discovery and exploitation tool☆210Updated last month
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆134Updated 3 months ago
- ☆150Updated last month
- Proviesec Fuzz Scanner - dir/path web scanner☆98Updated last week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆271Updated last year
- gRPC-Web Pentesting Suite + Burp Suite Extension☆159Updated 2 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆218Updated 5 months ago
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.☆206Updated this week
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆312Updated 9 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆333Updated last week
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆524Updated 9 months ago
- Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.☆189Updated 2 weeks ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆371Updated last month
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated 7 months ago
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆153Updated 2 weeks ago
- Bambdas collection for Burp Suite Professional and Community.☆193Updated last month
- Smart context-based SSRF vulnerability scanner.☆323Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆369Updated last year
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆318Updated this week
- Search for sensitive data in Postman public library.☆179Updated last month
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)☆258Updated 11 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆175Updated 2 years ago
- A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon☆223Updated 10 months ago
- ☆424Updated 4 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆250Updated 2 months ago
- De-clutter a list of URLs☆307Updated 5 months ago