thegsoinfosec / web-app
Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've helped me discover some stubborn and well hidden XSS vulnerabilities.
☆27Updated 5 years ago
Alternatives and similar repositories for web-app:
Users that are interested in web-app are comparing it to the libraries listed below
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆27Updated 2 years ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- Bug Bounty Clipboard☆17Updated 5 years ago
- web-based-fuzzer☆32Updated 4 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆57Updated 5 years ago
- Unique wordlist generator of unique wordlists.☆43Updated last year
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- ☆19Updated 5 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Updated 6 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- A commandline forced browsing tool for subdomain lists☆9Updated 4 years ago
- ☆18Updated 6 years ago
- Noob Penetration tester☆11Updated 9 months ago
- Kubernetes Scanner☆40Updated 3 years ago
- A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.☆19Updated 6 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 4 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- Literally spray blind xss payloads everywhere.☆25Updated 3 years ago
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…☆52Updated 4 years ago
- ☆28Updated 5 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 4 years ago
- A collection of OSCE preparation resources.☆24Updated 5 years ago
- Reconnaisance Tool☆11Updated 4 years ago
- Scan and import relevant requests directly to burp!☆9Updated 5 years ago
- A companion repo to accompany detailed guides and YouTube content to allow users to follow along☆13Updated 4 years ago
- My notebook for OSCP Lab☆25Updated 7 years ago