yavolo / Web-CTF-CheatsheetLinks
Web CTF CheatSheet π
β34Updated 6 years ago
Alternatives and similar repositories for Web-CTF-Cheatsheet
Users that are interested in Web-CTF-Cheatsheet are comparing it to the libraries listed below
Sorting:
- Script for Bug Bountyβ29Updated 3 years ago
- A "Spring4Shell" vulnerability scanner.β49Updated 5 months ago
- Extract endpoints marked as disallow in robots files to generate wordlists.β57Updated 3 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to β¦β49Updated 3 years ago
- β33Updated 3 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)β88Updated 3 years ago
- β48Updated 4 years ago
- β42Updated 4 years ago
- bug bounty automationβ13Updated 4 years ago
- Given a list of domains, you resolve them and get the IP addresses.β48Updated 3 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.β72Updated 3 years ago
- Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]β29Updated 4 years ago
- A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI explorationβ79Updated 4 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.β45Updated 4 years ago
- Striping CDN & WAF IPs from a list of IP Addressesβ79Updated 2 months ago
- XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for auβ¦β59Updated 3 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it usβ¦β63Updated 4 years ago
- Improve automated and semi-automated active scanning in Burp Proβ61Updated last month
- A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headersβ42Updated 3 years ago
- Simple recon tool automates your recon processβ17Updated 2 years ago
- Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.β111Updated 3 years ago
- All known and unknown public POC's for wordpress themes and pluginsβ78Updated 4 years ago
- β61Updated 4 years ago
- A list of threat sinks used in the manual security source code review for application securityβ72Updated 2 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.β23Updated 2 years ago
- The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of informatioβ¦β58Updated 2 years ago
- Small tool to automate SSRF wordpress and XMLRPC finderβ81Updated 2 years ago
- β44Updated last year
- RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2β60Updated 4 years ago
- A crawler that tests HTML forms for reflectionβ48Updated 3 years ago