zaproxy / zap-extensions
ZAP Add-ons
☆826Updated this week
Related projects: ⓘ
- A collection of ZAP scripts and tips provided by the community - pull requests very welcome!☆771Updated this week
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,804Updated 3 weeks ago
- The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable we…☆858Updated last week
- OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.☆521Updated 4 years ago
- ☆2,163Updated 9 months ago
- Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications…☆1,157Updated this week
- Web application security scanner created by lcamtuf for google - Unofficial Mirror☆684Updated last year
- Finds unknown classes of injection vulnerabilities☆626Updated 11 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,657Updated 4 months ago
- ☆950Updated 9 months ago
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,299Updated 4 months ago
- ☆784Updated 10 months ago
- DotDotPwn - The Directory Traversal Fuzzer☆973Updated last year
- Vulnerability scanner based on vulners.com search API☆828Updated 5 months ago
- The XSS Hunter service - a portable version of XSSHunter.com☆1,472Updated last year
- GoLismero - The Web Knife☆860Updated 3 years ago
- Subdomain Takeover tool written in Go☆1,892Updated last year
- The ZAP Heads Up Display (HUD)☆250Updated last month
- Discover Your Attack Surface!☆1,350Updated last year
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,188Updated 9 months ago
- ☆1,203Updated last week
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆630Updated 3 years ago
- grep rough audit - source code auditing tool☆1,487Updated last month
- Web and mobile application security training platform☆1,329Updated 2 months ago
- dnsenum is a perl script that enumerates DNS information☆592Updated 4 years ago
- Automatically exported from code.google.com/p/domxsswiki☆515Updated 6 years ago
- Setup script for Regon-ng☆915Updated 3 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,030Updated 2 months ago
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,089Updated 4 months ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,508Updated 4 years ago