thegsoinfosec / web-appLinks
Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've helped me discover some stubborn and well hidden XSS vulnerabilities.
☆28Updated 6 years ago
Alternatives and similar repositories for web-app
Users that are interested in web-app are comparing it to the libraries listed below
Sorting:
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆58Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Updated 7 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Bug Bounty Clipboard☆17Updated 6 years ago
- Unique wordlist generator of unique wordlists.☆41Updated 2 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Updated 7 years ago
- ☆32Updated 6 years ago
- web-based-fuzzer☆32Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆41Updated 5 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆57Updated 5 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- Extract subdomains from rapiddns.io☆23Updated 3 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Updated 6 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆86Updated 2 years ago
- A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Ad…☆42Updated 3 years ago
- Retrive the status codes from a list of URLs☆33Updated 5 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆15Updated 5 years ago
- Collection of content discovery wordlists in one wordlist.☆38Updated 3 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Updated 6 years ago
- ☆22Updated 3 years ago
- An Extended, Modulair, Host Discovery Framework☆43Updated 6 years ago
- Nmap script to check vulnerability CVE-2021-21975☆27Updated 4 years ago
- A tool to evaluate Content Security Policies.☆71Updated 5 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Updated 4 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆20Updated 3 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- Oracle Database Penetration Testing Reference (10g/11g)☆39Updated 7 years ago