vavkamil / XFFenum
X-Forwarded-For [403 forbidden] enumeration
☆91Updated 10 months ago
Alternatives and similar repositories for XFFenum:
Users that are interested in XFFenum are comparing it to the libraries listed below
- golang tool to scan domains or single domains with know security issues against xmlrpc☆60Updated last year
- Find subdomains and takeovers.☆84Updated 2 years ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆176Updated 4 years ago
- Host Header Injection Checker☆80Updated 3 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆110Updated last year
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 3 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 4 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆120Updated 3 years ago
- Random utilities from my security projects that might be useful to others☆179Updated last month
- Signatures for jaeles scanner by @j3ssie☆116Updated 10 months ago
- CRLF and open redirect fuzzer☆113Updated 3 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆168Updated 4 years ago
- Webapp to search tips on Twitter through #bugbountytips☆71Updated 2 years ago
- A combined wordlists for files and directory discovery☆123Updated 3 years ago
- Get the scope of your bugcrowd programs☆66Updated 4 years ago
- Urls de-duplication tool for better recon.☆139Updated 8 months ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆213Updated 5 years ago
- 4xxbypass☆67Updated 3 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆80Updated 2 years ago
- ☆29Updated 3 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆96Updated 4 years ago
- 📚 An ultimate collection wordlists of the best-known CMS☆90Updated 9 months ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆98Updated 3 years ago
- Prototype Pollution Scanner☆112Updated 3 years ago
- Add headers to all Burp requests to bypass some WAF products☆38Updated last year
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Updated 4 years ago
- Recon Custom WordList Ganerator☆57Updated 4 years ago
- My Tools For Bug Bounty☆66Updated 5 months ago
- ☆191Updated 5 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆153Updated 4 years ago