Arjun – Tool to Find Query Parameters for URL Endpoints
What is Arjun? Arjun is a tool which can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters…
Read more »
Request Smuggler – HTTP Request Smuggling Vulnerability Scanner
Request smuggler Http request smuggling vulnerability scanner Based on the amazing research by James Kettle. The tool can help to find servers that may be vulnerable to request smuggling vulnerability. Installation Linux from…
Read more »
SQLbit – Script for Automatize Boolean-Based Blind SQL Injections
SQL Blind Injection Tool Just another script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell…
Read more »
Gxss – Tool to Check URLs That Contain Reflecting Params
Gxss Gxss is a tool to check a bunch of URLs that contain reflecting params. This a light weight tool for checking reflecting Parameters in a URL. Inspired by kxss by @tomnomnom. How…
Read more »
QSreplace – Tool to Replace All Query String Values With User Suplied Value
qsreplace Accept URLs on stdin, replace all query string values with a user-supplied value, only output each combination of query string parameters once per host and path. Install With Go:…
Read more »
reconFTW – Tool to Perform Automated Scan and Finding Vulnerabilities
Overview ReconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. ReconFTW automates the…
Read more »
Waybackurls – Extract All URLs From a Domain
waybackurls waybackurls is tool that can fetch all the URLs that the Wayback Machine knows about for a domain. Accept line-delimited domains on stdin, fetch known URLs from the Wayback…
Read more »