thegsoinfosec / BurpSuite_payloads
Payloads to be used with Burp Suite Intruder. (Originally found on swisskeyrepo-PayloadsAllTheThings)
☆75Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for BurpSuite_payloads
- A docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.☆69Updated 3 months ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago
- A combined wordlists for files and directory discovery☆116Updated 3 years ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆95Updated 3 years ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆59Updated last year
- Burp Bounty profiles compilation, feel free to contribute!☆145Updated 3 years ago
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆68Updated 4 years ago
- A Python based scanner to find potential SSRF parameters in a web application.☆71Updated 3 years ago
- LFI Payloads List coolected from github repos☆71Updated 4 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- HTTP parameter discovery suite.☆59Updated 4 years ago
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 3 years ago
- A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks☆55Updated 5 years ago
- 📚 An ultimate collection wordlists of the best-known CMS�☆83Updated 5 months ago
- Generates target specific word lists for Fuzzing with fuff☆106Updated 4 years ago
- ☆74Updated 6 months ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆95Updated 3 years ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆36Updated 3 years ago
- A reverse whois tool based on Whoxy API.☆158Updated 7 months ago
- A Payload Injector for bugbounties written in go☆71Updated 4 years ago
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆65Updated 3 years ago
- A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities☆102Updated 3 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆162Updated 3 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆165Updated 3 years ago
- The scripts I write to help me on my bug bounty hunting☆120Updated 2 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- Prototype Pollution Scanner☆101Updated 3 years ago
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆56Updated 3 years ago