thegsoinfosec / web-app
Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've helped me discover some stubborn and well hidden XSS vulnerabilities.
☆27Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for web-app
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated last year
- web-based-fuzzer☆32Updated 4 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆57Updated 4 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 6 years ago
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- ☆31Updated 5 years ago
- Kubernetes Scanner☆41Updated 2 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆46Updated 5 years ago
- Extract subdomains from rapiddns.io☆23Updated last year
- ☆10Updated 5 years ago
- Auto Recon Bash Script☆30Updated 4 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…☆44Updated 3 years ago
- SubR3con is a script written in python. It uses Sublist3r to enumerate all subdomains of a specific target and then it checks for status …☆18Updated 5 years ago
- Unique wordlist generator of unique wordlists.☆41Updated last year
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆26Updated 2 years ago
- URL-encode data streams via commandline☆14Updated 5 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 4 years ago
- A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Ad…☆40Updated last year
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆17Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated last year
- Bug Bounty Clipboard☆17Updated 5 years ago
- automatic scan for hackthebox☆14Updated 4 years ago
- A commandline forced browsing tool for subdomain lists☆9Updated 4 years ago