visma-prodsec / confused
Tool to check for dependency confusion vulnerabilities in multiple package management systems
β701Updated 3 months ago
Related projects β
Alternatives and complementary repositories for confused
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β833Updated last month
- Client Side Prototype Pollution Scannerβ511Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ804Updated 2 years ago
- β528Updated 11 months ago
- β655Updated 2 years ago
- Fetches javascript file from a list of URLS or subdomains.β739Updated last year
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β356Updated 3 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ615Updated this week
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β650Updated 2 years ago
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ767Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β578Updated last month
- β393Updated 3 years ago
- a javascript change monitoring tool for bugbountiesβ589Updated 3 months ago
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.β655Updated 10 months ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β590Updated last year
- Content-Type Researchβ540Updated 9 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β533Updated 11 months ago
- Go client to communicate with Chaos DB API.β641Updated this week
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β935Updated 4 months ago
- Enumerate the permissions associated with AWS credential setβ1,098Updated 9 months ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.β496Updated 2 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β845Updated 10 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β876Updated 5 months ago
- Automated learning of regexes for DNS discoveryβ358Updated last year
- HackerOne "in scope" domainsβ400Updated this week
- β369Updated last year
- Unleash the power of cloudβ734Updated 5 months ago
- Generates combination of domain names from the provided input.β901Updated 4 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ367Updated last year
- GraphQL automated security testing toolkitβ302Updated 9 months ago