wireghoul / graudit
grep rough audit - source code auditing tool
☆1,595Updated 3 months ago
Alternatives and similar repositories for graudit:
Users that are interested in graudit are comparing it to the libraries listed below
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,394Updated 2 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,126Updated last month
- Notes about attacking Jenkins servers☆2,038Updated 8 months ago
- SSRF (Server Side Request Forgery) testing resources☆2,394Updated 5 months ago
- The XSS Hunter service - a portable version of XSSHunter.com☆1,514Updated 2 years ago
- A curated list of amazingly awesome Burp Extensions☆3,105Updated last month
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,897Updated 11 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,766Updated 3 years ago
- A python script that finds endpoints in JavaScript files☆3,870Updated 11 months ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,719Updated last week
- Subdomain Takeover tool written in Go☆1,952Updated last year
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,601Updated last week
- A tool for embedding XXE/XML exploits into different filetypes☆1,072Updated 3 months ago
- ☆2,253Updated last year
- Automated NoSQL database enumeration and web application exploitation tool.☆3,033Updated 8 months ago
- ☆978Updated 2 months ago
- File upload vulnerability scanner and exploitation tool.☆3,181Updated last year
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,151Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,929Updated last year
- The Swiss Army knife for automated Web Application Testing☆2,210Updated 10 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,715Updated 11 months ago
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,846Updated 2 weeks ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,610Updated 3 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,225Updated 5 months ago
- Automatically exported from code.google.com/p/domxsswiki☆525Updated 6 years ago
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,193Updated last month
- linuxprivchecker.py -- a Linux Privilege Escalation Check Script☆1,629Updated 3 years ago
- List of XSS Vectors/Payloads☆1,221Updated 2 months ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆880Updated this week
- A DNS rebinding attack framework.☆1,072Updated 2 weeks ago