usdAG / cstcLinks
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
☆235Updated this week
Alternatives and similar repositories for cstc
Users that are interested in cstc are comparing it to the libraries listed below
Sorting:
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆261Updated 2 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆159Updated 6 months ago
- A GraphQL enumeration and extraction tool☆131Updated 2 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆267Updated 4 months ago
- ☆193Updated 6 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆266Updated 2 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago
- ☆148Updated 3 years ago
- ☆80Updated 3 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆173Updated 7 months ago
- Find CVE PoCs on GitHub☆148Updated last year
- Tools to assess the DNS security of web applications☆128Updated 2 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆162Updated 9 months ago
- Workshop given at Hack in Paris 2019☆122Updated last year
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆142Updated 2 years ago
- Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Proj…☆280Updated last year
- ☆249Updated 11 months ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆130Updated 4 years ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆94Updated 11 months ago
- Damn Vulnerable Thick Client App developed in C# .NET☆154Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆159Updated 6 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 9 months ago
- Source Code Management Attack Toolkit☆219Updated 2 years ago
- Black box fuzzer for web applications☆426Updated 10 months ago
- JMX enumeration and attacking tool.☆440Updated 2 months ago
- A tool to inspect and attack version 1 GUIDs☆221Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆199Updated last year
- A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate☆209Updated 11 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆183Updated 2 years ago
- A script that you can run in the background!☆175Updated 5 years ago