Alternatives and similar repositories for web-app:

Users that are interested in web-app are comparing it to the libraries listed below

• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆57Updated 5 years ago
• SomeKirill / wordlist_generator
  Unique wordlist generator of unique wordlists.
  ☆42Updated last year
• YashGoti / gal
  Get all possible href | src | url from target url or domain
  ☆41Updated 4 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 7 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated last year
• random-robbie / kube-scan
  Kubernetes Scanner
  ☆40Updated 3 years ago
• redhuntlabs / BurpSuite-Asset_History
  ☆34Updated 3 weeks ago
• codewatchorg / Burp-IndicatorsOfVulnerability
  Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
  ☆41Updated 2 years ago
• Cyb3rMehul / venom
  Auto Recon Bash Script
  ☆30Updated last month
• nullenc0de / Project-X
  Reconnaisance Tool
  ☆11Updated 4 years ago
• B3nac / bXSSRequest
  Literally spray blind xss payloads everywhere.
  ☆25Updated 2 years ago
• random-robbie / s3-tko
  AWS S3 Bucket Finder.
  ☆15Updated 5 years ago
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆27Updated 6 years ago
• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆44Updated 2 years ago
• bashexplode / directory-wordlists
  Wordlists for intelligent directory brute-forcing
  ☆28Updated 3 years ago
• ethicalhackingplayground / crlfmap
  CRLFMap is a tool to find HTTP Splitting vulnerabilities
  ☆25Updated 4 years ago
• riyazwalikar / injection-attacks-nosql-talk
  Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019
  ☆22Updated 5 years ago
• InitRoot / fransRecon
  Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…
  ☆32Updated 5 years ago
• ivision-research / burp-highlighter
  ☆22Updated 2 years ago
• Static-Flow / BurpSuiteTeamServer
  This is the Go Server that relays all HTTP requests and responses between clients.
  ☆27Updated last year
• jimmy-ly00 / dirlister
  Create wordlists from source codes files/directories for enumeration
  ☆30Updated last year
• yashrs / safecopy
  Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…
  ☆17Updated 4 years ago
• Emoe / OpenBugBounty-Scrapper
  This script scrapes the list of open Bug Bounty Programs from openbugbounty.org
  ☆27Updated 2 years ago
• theblackturtle / wildcheck
  A simple tool to detect wildcards domain based on Amass's wildcards detector.
  ☆62Updated 3 years ago
• Quitten / XSSor
  XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…
  ☆49Updated 3 years ago
• ettic-team / EndpointFinder-Burp
  ☆31Updated 5 years ago
• hahwul / hbxss
  Security test tool for Blind XSS
  ☆26Updated 4 years ago
• spenkk / rapiddns-extractor
  Extract subdomains from rapiddns.io
  ☆23Updated 2 years ago
• mgeeky / burpContextAwareFuzzer
  BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…
  ☆39Updated 3 years ago
• Knowledge-Wisdom-Understanding / Auto-Recon
  Information-Gathering Shell Script
  ☆29Updated 4 years ago