szski / shapeshifter

Related projects: ⓘ

• cablej / FileChangeMonitor
  Continuous monitoring for JavaScript files
  ☆216Updated 4 years ago
• Abss0x7tbh / bass
  Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …
  ☆141Updated 5 months ago
• LewisArdern / metasecjs
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆77Updated last year
• EdOverflow / csp
  ☆125Updated this week
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆198Updated last year
• defparam / h1passets
  List HackerOne private program assets
  ☆148Updated 3 years ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆195Updated 3 years ago
• daeken / SSRFTest
  SSRF testing tool
  ☆242Updated last year
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆125Updated 6 years ago
• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆100Updated 2 months ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆147Updated last year
• PatrikFehrenbach / amass-tools
  ☆108Updated 3 years ago
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆121Updated 3 years ago
• subfinder / goaltdns
  A permutation generation tool written in golang
  ☆206Updated 5 years ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆75Updated 4 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆167Updated last year
• tdr130 / assetnote
  Push notifications for passive DNS data
  ☆105Updated 8 years ago
• secdec / attack-surface-detector-cli
  ☆72Updated 2 years ago
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆204Updated 4 years ago
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆192Updated 2 years ago
• Shivangx01b / CorsMe
  Cross Origin Resource Sharing MisConfiguration Scanner
  ☆168Updated 2 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated last year
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• ffuf / ffuf-scripts
  Scripts to help with different ffuf tasks and workflows
  ☆211Updated 8 months ago
• BBerastegui / fresh-dns-servers
  Fresh DNS servers
  ☆83Updated this week
• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆88Updated 5 months ago
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆203Updated 7 years ago
• craighays / bucketkicker
  Brute force AWS bucket finder
  ☆58Updated last year
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆121Updated 7 months ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆292Updated 4 years ago