visma-prodsec / confusedLinks
Tool to check for dependency confusion vulnerabilities in multiple package management systems
β770Updated last year
Alternatives and similar repositories for confused
Users that are interested in confused are comparing it to the libraries listed below
Sorting:
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β953Updated 11 months ago
- β691Updated 3 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β400Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ935Updated 3 years ago
- Client Side Prototype Pollution Scannerβ522Updated 3 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ637Updated 5 months ago
- β415Updated 4 years ago
- β557Updated 8 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,001Updated last year
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests aβ¦β344Updated 4 years ago
- a javascript change monitoring tool for bugbountiesβ697Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β773Updated 6 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β696Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β764Updated 3 years ago
- Content-Type Researchβ644Updated 5 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,258Updated last year
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,031Updated 11 months ago
- Fetches javascript file from a list of URLS or subdomains.β817Updated 4 months ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlistsβ760Updated 2 years ago
- Electron JS Browser To Find XSS Vulnerabilities Automaticallyβ748Updated 4 years ago
- Automated learning of regexes for DNS discoveryβ380Updated 2 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ398Updated 2 years ago
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ850Updated 3 years ago
- β430Updated 4 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.β447Updated last month
- Go client to communicate with Chaos DB API.β799Updated last week
- A cheatsheet for exploiting server-side SVG processors.β782Updated 5 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.β516Updated 3 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,269Updated 4 months ago
- A collection of regexes for every possbile useβ436Updated 2 years ago