wish-i-was / femida
Automated blind-xss search for Burp Suite
☆284Updated 5 years ago
Alternatives and similar repositories for femida:
Users that are interested in femida are comparing it to the libraries listed below
- Various Payload wordlists☆235Updated last week
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆258Updated 2 years ago
- Payloads for CRLF Injection☆222Updated 6 months ago
- SSRF testing tool☆244Updated 2 years ago
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆152Updated 2 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.☆272Updated 4 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆295Updated 5 years ago
- Burp Suite extension to discover assets from HTTP response.☆225Updated 3 months ago
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…☆133Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆214Updated 6 months ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆275Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Updated 2 years ago
- ☆277Updated 2 years ago
- A permutation generation tool written in golang☆210Updated 5 years ago
- Trying to make automated recon for bug bounties☆253Updated 4 years ago
- Burp Suite Extension to monitor new scope☆197Updated 4 years ago
- this contain the burp pack☆206Updated 8 years ago
- A collection of scripts to extend Burp Suite☆142Updated 6 years ago
- Bugbounty scope tool☆328Updated 2 months ago
- ☆242Updated 6 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆215Updated 7 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆252Updated last year
- Simple shell script for automated domain recognition with some tools☆300Updated 4 years ago
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…☆211Updated 5 years ago
- A script that can resolve an input file of domains and scan them with masscan☆157Updated 4 years ago
- Scan Victim Backup Directories & Backup Files☆178Updated last year
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆137Updated 5 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆364Updated 2 years ago
- A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…☆436Updated 3 years ago
- You can read the writeup on this script here☆193Updated 3 years ago