IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting
IntruderPayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads (https://github.com/wagiro/BurpBounty), fuzz lists and pentesting methodologies. To pull down all 3rd party repos, run install.sh in the same directory of the…
Read more »
Corsy – CORS Misconfiguration Scanner
What is CORS Misconfiguration Bug? Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility…
Read more »
Faraday – Open Source Vulnerability Management Platform
Open Source Vulnerability Manager Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus…
Read more »
EyeWitness – Tool to Take Screenshots of Websites With Server Header Info
EyeWitness EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known. EyeWitness is designed to run on Kali Linux. It will…
Read more »
Gopherus – Tool for Exploiting SSRF and gaining RCE
Gopherus If you know a place which is SSRF vulnerable then, this tool will help you to generate Gopher payload for exploiting SSRF (Server Side Request Forgery) and gaining RCE…
Read more »
Gospider – Web Crawling and Content Discovery Tool
Gospider Fast Web Spider Written in Go Gospider is a tool to perform website crawling. Features Fast web crawling Brute force and parse sitemap.xml Parse robots.txt Generate and verify link…
Read more »
Arjun – Tool to Find Query Parameters for URL Endpoints
What is Arjun? Arjun is a tool which can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters…
Read more »