Alternatives and similar repositories for LKWA:

Users that are interested in LKWA are comparing it to the libraries listed below

• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆617Updated 10 months ago
• PortSwigger / upload-scanner
  HTTP file upload scanner for Burp Proxy
  ☆397Updated last year
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆566Updated 11 months ago
• modzero / mod0BurpUploadScanner
  HTTP file upload scanner for Burp Proxy
  ☆485Updated last year
• ZeddYu / HTTP-Smuggling-Lab
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆346Updated 2 years ago
• 0xacb / viewgen
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆593Updated last year
• c0rv4x / project-black
  Pentest/BugBounty progress control with scanning modules
  ☆283Updated 4 years ago
• mhaskar / RCEScanner
  Simple python script to extract unsafe functions from php projects
  ☆197Updated 6 years ago
• nccgroup / BurpSuiteHTTPSmuggler
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆717Updated 5 years ago
• incredibleindishell / SSRF_Vulnerable_Lab
  This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
  ☆684Updated last year
• Bo0oM / WAF-bypass-Cheat-Sheet
  Another way to bypass WAF Cheat Sheet (draft)
  ☆418Updated 6 years ago
• orangetw / awesome-jenkins-rce-2019
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆601Updated 5 years ago
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆592Updated 3 years ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆281Updated this week
• veracode-research / solr-injection
  Apache Solr Injection Research
  ☆571Updated 4 years ago
• cheetz / sslScrape
  SSLScrape | A scanning tool for scaping hostnames from SSL certificates.
  ☆333Updated 3 years ago
• epi052 / recon-pipeline
  An automated target reconnaissance pipeline.
  ☆428Updated last year
• daeken / SSRFTest
  SSRF testing tool
  ☆243Updated 2 years ago
• staaldraad / xxeserv
  A mini webserver with FTP support for XXE payloads
  ☆327Updated last year
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆256Updated 2 years ago
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆522Updated 6 years ago
• s0md3v / MyPapers
  Repository for hosting my research papers
  ☆505Updated 9 months ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆251Updated last year
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
  ☆251Updated 2 months ago
• SilverPoision / Rock-ON
  Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.
  ☆291Updated 5 years ago
• appsecco / the-art-of-subdomain-enumeration
  This repository contains all the supplement material for the book "The art of sub-domain enumeration"
  ☆638Updated 5 years ago
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆234Updated 4 years ago
• dark-warlord14 / JSScanner
  You can read the writeup on this script here
  ☆269Updated 4 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆342Updated 3 years ago