vsec7 / BurpSuite-Xkeys
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
☆248Updated 2 months ago
Related projects: ⓘ
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆233Updated 4 years ago
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...☆144Updated 4 years ago
- Python based scanner to find potential SSRF parameters☆282Updated 5 months ago
- ☆179Updated 10 months ago
- ☆141Updated 2 years ago
- Recon Automation for hackers by hackers☆243Updated 4 years ago
- ☆282Updated 2 years ago
- Nuclei templates written by us.☆264Updated 3 years ago
- A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF☆163Updated 4 years ago
- Secret and/or credential patterns used for gf.☆229Updated last year
- Command line tool for testing CRLF injection on a list of domains.☆150Updated 5 months ago
- Python library and CLI for the Bug Bounty Recon API☆220Updated 3 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆294Updated 5 years ago
- this contain the burp pack☆204Updated 7 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆275Updated 3 years ago
- Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools☆257Updated 2 months ago
- List of reporting templates I have used since I started doing BBH.☆226Updated this week
- Turbo Intruder Scripts☆214Updated 4 years ago
- Burpsuite plugin for Interact.sh☆197Updated 2 months ago
- Burp Extension for easily creating Wordlists☆208Updated 2 years ago
- Hidden parameters discovery suite☆220Updated last year
- You can read the writeup on this script here☆266Updated 4 years ago
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆212Updated 3 weeks ago
- ☆173Updated this week
- A lists of words based on common web directory and file names lists of words based on common web directory and file names. These wordlist…☆217Updated 5 years ago
- Payloads for CRLF Injection☆210Updated 2 years ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆176Updated 3 years ago
- ☆221Updated 3 months ago
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆328Updated 4 years ago
- Create your Custom Wordlist For Fuzzing☆187Updated last year