X-Forwarded-For [403 forbidden] enumeration
☆98May 3, 2024Updated last year
Alternatives and similar repositories for XFFenum
Users that are interested in XFFenum are comparing it to the libraries listed below
Sorting:
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- This tool is just after the first refactoring pushed. Original is from Will Vandevanter (BuffaloWill). Only rearrange the code which will…☆32Jun 10, 2016Updated 9 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆36Dec 22, 2021Updated 4 years ago
- Get all possible href | src | url from target url or domain☆40Aug 5, 2020Updated 5 years ago
- PNG IDAT chunks XSS payload generator☆205Oct 11, 2022Updated 3 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated last month
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- Extract metadata with SSRF (Server-Side Request Forgery)☆16Jul 23, 2022Updated 3 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Day by day Lots of Newbie Come into bug Bounty They ask Social Site about Bug Bounty Site, So That's why I open My Hunted All Site.☆32Sep 20, 2020Updated 5 years ago
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- A Tool to Extract Open Kibana Instances on Internet and Map them to their Corresponding Organizations for Bug Bounty.☆16Sep 7, 2019Updated 6 years ago
- CVE-2018-13379 Script for Nmap NSE.☆12Sep 9, 2020Updated 5 years ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆226Mar 29, 2022Updated 3 years ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- A Go implementation of dirsearch.☆43Mar 10, 2019Updated 6 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆58Mar 2, 2022Updated 4 years ago
- Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations☆58Jul 26, 2020Updated 5 years ago
- Second-order subdomain takeover scanner☆405Aug 28, 2025Updated 6 months ago
- Enhanced 403 bypass header☆21Sep 12, 2022Updated 3 years ago
- Bug Bounty statistics tool.☆33Nov 17, 2022Updated 3 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Mar 15, 2021Updated 4 years ago
- A playground to practice SSRF Attacks against web apps☆17Oct 15, 2018Updated 7 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- ☆31Apr 6, 2021Updated 4 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆187Aug 3, 2019Updated 6 years ago
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆15Feb 24, 2022Updated 4 years ago
- A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks☆60Aug 30, 2019Updated 6 years ago
- a tool that gets all paths at robots.txt and opens it in the browser.☆14Aug 2, 2019Updated 6 years ago
- ☆16May 3, 2021Updated 4 years ago
- Command line tool for testing CRLF injection on a list of domains.☆164Apr 14, 2024Updated last year
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆40Oct 13, 2020Updated 5 years ago