telekom-security / explo
Human and machine readable web vulnerability testing format
☆182Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for explo
- A blind SQL injection module that uses bitshfting to calculate characters.☆113Updated 2 years ago
- A simple XSS finding tool☆108Updated 6 years ago
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆212Updated last month
- Note: Going through a full re-write of the tooling so the current versions in the repo do not work!☆398Updated 4 years ago
- Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).☆362Updated 5 years ago
- an asynchronous target enumeration tool☆239Updated last year
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆182Updated 5 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆302Updated 6 years ago
- Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.☆219Updated last year
- An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.☆270Updated 3 years ago
- Collect information about email addresses from Pastebin☆35Updated 3 years ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆253Updated 5 months ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆304Updated 3 years ago
- CMS Scanner Framework☆130Updated 2 weeks ago
- Tool for exploiting SQL injection vulnerabilities that sqlmap can't find.☆96Updated 6 years ago
- Burp Suite extension to discover assets from HTTP response.☆219Updated 3 years ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆218Updated 2 years ago
- A tool to generate media files with malicious metadata☆124Updated 5 years ago
- An OSINT tool to find contacts in order to report security vulnerabilities.☆267Updated 4 years ago
- Server-side request forgery detector☆149Updated 7 years ago
- Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdom…☆101Updated last year
- search for hosts info with shodan☆228Updated 3 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆395Updated 4 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.☆266Updated 3 years ago
- Local File Inclusion Exploitation Tool (mirror)☆122Updated 7 years ago
- My Recon Automation☆194Updated 3 years ago
- Some tools to automate recon - 003random☆295Updated 6 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆465Updated 5 years ago
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆151Updated last year
- A tool to hunt for publicly accessible DigitalOcean Spaces☆154Updated 4 years ago