thegsoinfosec / web-appLinks
Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've helped me discover some stubborn and well hidden XSS vulnerabilities.
☆27Updated 5 years ago
Alternatives and similar repositories for web-app
Users that are interested in web-app are comparing it to the libraries listed below
Sorting:
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 6 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Updated 6 years ago
- PHP tool to test XSS☆22Updated 5 years ago
- A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.☆19Updated 6 years ago
- Bug Bounty Clipboard☆17Updated 5 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆15Updated 5 years ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- web-based-fuzzer☆32Updated 4 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆58Updated 5 years ago
- ☆32Updated 6 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- Reconnaisance Tool☆11Updated 5 years ago
- -☆11Updated 4 years ago
- Auto Recon Bash Script☆31Updated 5 months ago
- Security test tool for Blind XSS☆26Updated 5 years ago
- A multi-processed, multi-threaded scanner to discover web directories on multiple URLs.☆21Updated 5 years ago
- ☆22Updated 3 years ago
- Quickly add http and https domains to BurpSuite's scope with all paths.☆16Updated 9 years ago
- Compilation of JavaScript XSS oneliners payloads that rocks your nuts!☆25Updated 7 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- ☆14Updated 5 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- ☆10Updated 5 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆46Updated 6 years ago
- SubR3con is a script written in python. It uses Sublist3r to enumerate all subdomains of a specific target and then it checks for status …☆18Updated 5 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Updated 7 years ago
- dummy shopping site for whitebox pentestig☆9Updated 2 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆17Updated 5 years ago