☆220May 20, 2024Updated last year
Alternatives and similar repositories for wafer
Users that are interested in wafer are comparing it to the libraries listed below
Sorting:
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆149Feb 21, 2024Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆89May 2, 2024Updated last year
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Aug 9, 2023Updated 2 years ago
- Differential testing framework for HTTP implementations☆927Jan 21, 2026Updated last month
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- Burp extension used to snip any header from all the requests.☆23Nov 12, 2023Updated 2 years ago
- Passively check for XSS character encodings☆18Feb 7, 2026Updated 2 weeks ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆356Dec 14, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.☆567Apr 17, 2024Updated last year
- Never forget where you inject.☆297Aug 15, 2025Updated 6 months ago
- The Most Advanced Client-Side Prototype Pollution Scanner☆246Feb 3, 2026Updated 3 weeks ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆142Jun 27, 2023Updated 2 years ago
- An IIS short filename enumeration tool☆1,123Nov 25, 2024Updated last year
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆39Dec 7, 2019Updated 6 years ago
- ☆583Aug 14, 2025Updated 6 months ago
- ☆124Aug 24, 2025Updated 6 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆750Dec 19, 2023Updated 2 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆58Mar 2, 2022Updated 3 years ago
- SSH & FTP brute-forcing tool written in python☆11Oct 2, 2024Updated last year
- ☆139Nov 9, 2024Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,771May 22, 2024Updated last year
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆262Jul 6, 2025Updated 7 months ago
- Atlassian Companion RCE Vulnerability Proof of Concept☆25Dec 15, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,290Aug 7, 2025Updated 6 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆159Jul 2, 2024Updated last year
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Feb 3, 2024Updated 2 years ago
- A path-normalization pentesting tool.☆151Jan 22, 2026Updated last month
- Fuzz 401/403/404 pages for bypasses☆386Jan 22, 2026Updated last month
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆17Jan 31, 2021Updated 5 years ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- A Lightning-Fast DNS Resolver written in Rust 🦀☆69Nov 19, 2024Updated last year
- De-clutter a list of URLs☆386Feb 3, 2026Updated 3 weeks ago
- Get 10k subdomains in securitytrails using cookie without apikey.☆36Oct 23, 2025Updated 4 months ago
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated last year
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆302Mar 12, 2024Updated last year
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,497Jan 8, 2026Updated last month