visma-prodsec / confusedLinks
Tool to check for dependency confusion vulnerabilities in multiple package management systems
β739Updated 11 months ago
Alternatives and similar repositories for confused
Users that are interested in confused are comparing it to the libraries listed below
Sorting:
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β387Updated 3 years ago
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β904Updated 6 months ago
- β685Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ882Updated 3 years ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests aβ¦β337Updated 4 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ630Updated last month
- Client Side Prototype Pollution Scannerβ519Updated 2 years ago
- β545Updated 4 months ago
- Content-Type Researchβ627Updated last month
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β983Updated last year
- β391Updated 3 years ago
- a javascript change monitoring tool for bugbountiesβ655Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β743Updated 3 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β661Updated last year
- Fetches javascript file from a list of URLS or subdomains.β788Updated 2 weeks ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β659Updated 2 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,198Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β631Updated 2 years ago
- Go client to communicate with Chaos DB API.β747Updated last week
- A collection of regexes for every possbile useβ431Updated last year
- A cheatsheet for exploiting server-side SVG processors.β750Updated 5 years ago
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,162Updated 2 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ389Updated 2 years ago
- β415Updated 4 years ago
- GraphQL automated security testing toolkitβ322Updated last year
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,006Updated 7 months ago
- Automated learning of regexes for DNS discoveryβ371Updated 2 years ago
- A wordlist of API names for web application assessmentsβ834Updated last month
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlistsβ742Updated 2 years ago
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.β696Updated last year