wish-i-was / femida
Automated blind-xss search for Burp Suite
☆283Updated 5 years ago
Alternatives and similar repositories for femida:
Users that are interested in femida are comparing it to the libraries listed below
- Payloads for CRLF Injection☆223Updated 4 months ago
- Various Payload wordlists☆235Updated 4 years ago
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆152Updated 2 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆213Updated 7 years ago
- Burp Suite extension to discover assets from HTTP response.☆221Updated 3 weeks ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆256Updated 2 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆295Updated 5 years ago
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…☆135Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆212Updated 4 months ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆276Updated 4 years ago
- Burp Suite Extension to monitor new scope☆197Updated 3 years ago
- Trying to make automated recon for bug bounties☆252Updated 3 years ago
- ☆275Updated 2 years ago
- ☆240Updated 6 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆365Updated 2 years ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …☆221Updated 2 years ago
- XSS Hunter Burp Plugin☆149Updated 6 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆342Updated 3 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆310Updated last year
- A collection of scripts to extend Burp Suite☆139Updated 5 years ago
- SSRF testing tool☆245Updated 2 years ago
- CVE-2017-9506 - SSRF☆187Updated 3 years ago
- ☆128Updated 6 years ago
- this contain the burp pack☆206Updated 8 years ago
- You can read the writeup on this script here☆193Updated 3 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆138Updated 5 years ago
- Bugbounty scope tool☆324Updated 2 months ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆311Updated 3 years ago
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…☆208Updated 4 years ago
- Pentest/BugBounty progress control with scanning modules☆283Updated 4 years ago