thegsoinfosec / web-appLinks
Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've helped me discover some stubborn and well hidden XSS vulnerabilities.
☆28Updated 6 years ago
Alternatives and similar repositories for web-app
Users that are interested in web-app are comparing it to the libraries listed below
Sorting:
- Unique wordlist generator of unique wordlists.☆42Updated last year
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆58Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- Credentials Checking Framework☆54Updated 2 years ago
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆32Updated 5 years ago
- web-based-fuzzer☆32Updated 5 years ago
- Bug Bounty Clipboard☆17Updated 5 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆27Updated 3 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- ☆32Updated 6 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆36Updated 3 years ago
- Retrive the status codes from a list of URLs☆33Updated 5 years ago
- Auto Recon Bash Script☆31Updated 6 months ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆46Updated 6 years ago
- A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.☆19Updated 6 years ago
- A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Ad…☆42Updated 2 years ago
- Common Wordlists☆54Updated 8 years ago
- Wordlists for intelligent directory brute-forcing☆31Updated 3 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆86Updated 2 years ago
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆57Updated 4 years ago
- A sub-domain enumeration tool☆19Updated 5 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- XXE Injection Payloads☆28Updated 5 years ago
- a python tool used to scan for Open redirection vulnerability☆20Updated 7 years ago
- Create wordlists from source codes files/directories for enumeration☆30Updated 2 years ago