telekom-security / explo

Related projects ⓘ

Alternatives and complementary repositories for explo

• awnumar / blind-sql-bitshifting
  A blind SQL injection module that uses bitshfting to calculate characters.
  ☆113Updated 2 years ago
• Ekultek / XanXSS
  A simple XSS finding tool
  ☆108Updated 6 years ago
• cujanovic / Content-Bruteforcing-Wordlist
  Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
  ☆212Updated last month
• ZephrFish / GoogD0rker
  Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
  ☆398Updated 4 years ago
• JohnTroony / Blisqy
  Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
  ☆362Updated 5 years ago
• welchbj / bscan
  an asynchronous target enumeration tool
  ☆239Updated last year
• Damian89 / extended-xss-search
  A better version of my xssfinder tool - scans for different types of xss on a list of urls.
  ☆182Updated 5 years ago
• EdOverflow / megplus
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆302Updated 6 years ago
• wafpassproject / wafpass
  Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
  ☆219Updated last year
• clouedoc / AutoSQLi
  An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
  ☆270Updated 3 years ago
• woj-ciech / pepe
  Collect information about email addresses from Pastebin
  ☆35Updated 3 years ago
• codewatchorg / sqlipy
  SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
  ☆253Updated 5 months ago
• tijme / angularjs-csti-scanner
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
  ☆304Updated 3 years ago
• wpscanteam / CMSScanner
  CMS Scanner Framework
  ☆130Updated 2 weeks ago
• lanmaster53 / sqli-exploiter
  Tool for exploiting SQL injection vulnerabilities that sqlmap can't find.
  ☆96Updated 6 years ago
• redhuntlabs / BurpSuite-Asset_Discover
  Burp Suite extension to discover assets from HTTP response.
  ☆219Updated 3 years ago
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆218Updated 2 years ago
• RUB-NDS / Metadata-Attacker
  A tool to generate media files with malicious metadata
  ☆124Updated 5 years ago
• EdOverflow / contact.sh
  An OSINT tool to find contacts in order to report security vulnerabilities.
  ☆267Updated 4 years ago
• JacobReynolds / ssrfDetector
  Server-side request forgery detector
  ☆149Updated 7 years ago
• samhaxr / TakeOver-v1
  Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdom…
  ☆101Updated last year
• HatBashBR / ShodanHat
  search for hosts info with shodan
  ☆228Updated 3 years ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆395Updated 4 years ago
• chrispetrou / FDsploit
  File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
  ☆266Updated 3 years ago
• hvqzao / liffy
  Local File Inclusion Exploitation Tool (mirror)
  ☆122Updated 7 years ago
• Mad-robot / Spartan
  My Recon Automation
  ☆194Updated 3 years ago
• 003random / 003Recon
  Some tools to automate recon - 003random
  ☆295Updated 6 years ago
• RhinoSecurityLabs / SleuthQL
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆465Updated 5 years ago
• 0xbharath / censys-enumeration
  A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys
  ☆151Updated last year
• appsecco / spaces-finder
  A tool to hunt for publicly accessible DigitalOcean Spaces
  ☆154Updated 4 years ago