visma-prodsec / confusedLinks
Tool to check for dependency confusion vulnerabilities in multiple package management systems
β744Updated last year
Alternatives and similar repositories for confused
Users that are interested in confused are comparing it to the libraries listed below
Sorting:
- β686Updated 3 years ago
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β906Updated 7 months ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.β388Updated 3 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ630Updated last month
- β553Updated 5 months ago
- Client Side Prototype Pollution Scannerβ520Updated 2 years ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests aβ¦β338Updated 4 years ago
- β394Updated 3 years ago
- Content-Type Researchβ631Updated 2 months ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β749Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ890Updated 3 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β989Updated last year
- a javascript change monitoring tool for bugbountiesβ658Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technologyβ¦β663Updated 2 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,204Updated last year
- Fetches javascript file from a list of URLS or subdomains.β790Updated last month
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ392Updated 2 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlistsβ749Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β670Updated last year
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,014Updated 7 months ago
- A collection of regexes for every possbile useβ434Updated last year
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.β511Updated 3 years ago
- β415Updated 4 years ago
- Go client to communicate with Chaos DB API.β755Updated this week
- Automated learning of regexes for DNS discoveryβ372Updated 2 years ago
- A wordlist of API names for web application assessmentsβ840Updated 2 months ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β634Updated 2 years ago
- A DNS Bruteforcing Wordlist Generatorβ361Updated 2 years ago
- β375Updated 4 years ago
- GraphQL automated security testing toolkitβ324Updated last year