trufflesecurity / xsshunter
☆353Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for xsshunter
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆532Updated 10 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆872Updated 4 months ago
- An IIS short filename enumeration tool☆787Updated 3 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆526Updated 3 weeks ago
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…☆309Updated 3 months ago
- Gotator is a tool to generate DNS wordlists through permutations.☆453Updated 2 years ago
- CT Log Scanner☆280Updated last month
- Local File Inclusion discovery and exploitation tool☆221Updated last month
- Discover new target domains using Content Security Policy☆379Updated this week
- An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.☆546Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆50Updated 6 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆845Updated 9 months ago
- ☆439Updated 6 months ago
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.☆426Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆347Updated 2 years ago
- Automated learning of regexes for DNS discovery☆358Updated last year
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆334Updated this week
- i will upload more templates here to share with the comunity.☆526Updated 6 months ago
- ☆157Updated this week
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆387Updated this week
- De-clutter a list of URLs☆307Updated 7 months ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆399Updated last month
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆940Updated 10 months ago
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆328Updated last year
- oneliner commands for bug bounties☆419Updated 2 years ago
- bash script for Subdomain Enumeration☆328Updated last year
- Golang client for querying SecurityTrails API data☆538Updated last year
- Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.☆196Updated 2 months ago
- Small tool to Grab subdomains using Shodan api.☆357Updated last week
- Fast and customizable subdomain wordlist generator using DSL☆721Updated this week