This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter
☆20Feb 16, 2017Updated 9 years ago
Alternatives and similar repositories for Burp-Scanner-OOB-Checks
Users that are interested in Burp-Scanner-OOB-Checks are comparing it to the libraries listed below
Sorting:
- This repository contains hit lists to use for web application content discovery.☆11May 31, 2017Updated 8 years ago
- A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates Java…☆26Mar 23, 2022Updated 3 years ago
- Burp extension to find and decode BigIP and Netscaler cookies☆15Jul 20, 2018Updated 7 years ago
- A simple bash script that uses smbclient to test access to Windows file shares in automated fashion.☆19Jul 9, 2015Updated 10 years ago
- An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.☆22Nov 15, 2018Updated 7 years ago
- A framework for exploiting padding oracles in network-based applications☆26Feb 25, 2023Updated 3 years ago
- A DNS connectback shell executed by strings in payloads.txt☆102Sep 19, 2023Updated 2 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Ruby On Rails unrestricted render() exploit☆16Feb 9, 2018Updated 8 years ago
- Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests☆13Sep 24, 2015Updated 10 years ago
- Electron based screenshot scanner☆68Feb 4, 2023Updated 3 years ago
- Automatically extracts API Keys from APK files☆13Feb 1, 2022Updated 4 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- ☆16Oct 24, 2018Updated 7 years ago
- A horizontal and vertical web content enumerator☆52Aug 15, 2018Updated 7 years ago
- Language-agnostic workflow builder. Modular code that goes from dev to prod in a minute with principled design decisions.☆13Mar 11, 2024Updated last year
- ☆128Sep 2, 2019Updated 6 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Mar 11, 2021Updated 4 years ago
- Burp extension☆58Jun 18, 2018Updated 7 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Jan 30, 2017Updated 9 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Keyhack - Golang API token/webhook validator☆16Mar 20, 2025Updated 11 months ago
- (Unofficial) Python API for http://netcraft.com☆15Jul 6, 2016Updated 9 years ago
- "><script>prompt(1)</script>''"><!--<svg>☆18Nov 20, 2015Updated 10 years ago
- A tool for analyzing the attack surface of an application☆19Mar 5, 2025Updated last year
- "HeaderScan" Burp Plugin☆16Apr 26, 2014Updated 11 years ago
- Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)☆135Jan 15, 2020Updated 6 years ago
- rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments☆250Oct 15, 2019Updated 6 years ago
- A multi-target URL bruteforcer☆22Aug 6, 2018Updated 7 years ago
- 一个简单的NIDS系统☆15May 17, 2017Updated 8 years ago
- ☆38Jul 3, 2020Updated 5 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Apr 13, 2019Updated 6 years ago
- A curated list of awesome AWS IAM tools, libraries guides, blogs, and other resources☆17Jan 5, 2020Updated 6 years ago
- ☆17Jan 20, 2021Updated 5 years ago
- This is a repository containing example code for how you can use unit tests to protect against security regression.☆19Jun 26, 2017Updated 8 years ago
- XXRF Shots - Useful for testing SSRF vulnerability☆74Feb 18, 2023Updated 3 years ago
- XSS Hunter Burp Plugin☆151Aug 31, 2018Updated 7 years ago
- 一款开源指纹识别工具。☆15May 19, 2017Updated 8 years ago
- Squirtle the Browser-based NTLM Attack Toolkit☆17Apr 13, 2015Updated 10 years ago