visma-prodsec / confusedLinks
Tool to check for dependency confusion vulnerabilities in multiple package management systems
β764Updated last year
Alternatives and similar repositories for confused
Users that are interested in confused are comparing it to the libraries listed below
Sorting:
- β685Updated 3 years ago
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β934Updated 9 months ago
- Content-Type Research��β639Updated 4 months ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β399Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ912Updated 3 years ago
- Client Side Prototype Pollution Scannerβ521Updated 3 years ago
- a javascript change monitoring tool for bugbountiesβ673Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ634Updated 3 months ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β757Updated 3 years ago
- β554Updated 7 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β994Updated last year
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests aβ¦β343Updated 4 years ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β687Updated 4 months ago
- β408Updated 4 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β683Updated last year
- Electron JS Browser To Find XSS Vulnerabilities Automaticallyβ747Updated 4 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,024Updated 9 months ago
- Fetches javascript file from a list of URLS or subdomains.β808Updated 3 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ395Updated 2 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,237Updated last year
- Go client to communicate with Chaos DB API.β789Updated last week
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlistsβ757Updated 2 years ago
- Obtain GraphQL API schema even if the introspection is disabledβ1,297Updated 2 months ago
- GraphQL automated security testing toolkitβ327Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β644Updated 2 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,018Updated 2 months ago
- β418Updated 4 years ago
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.β713Updated last year
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ843Updated 2 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.β513Updated 3 years ago