Corsy – CORS Misconfiguration Scanner
What is CORS Misconfiguration Bug? Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility…
Read more »
Faraday – Open Source Vulnerability Management Platform
Open Source Vulnerability Manager Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus…
Read more »
Gopherus – Tool for Exploiting SSRF and gaining RCE
Gopherus If you know a place which is SSRF vulnerable then, this tool will help you to generate Gopher payload for exploiting SSRF (Server Side Request Forgery) and gaining RCE…
Read more »
Gospider – Web Crawling and Content Discovery Tool
Gospider Fast Web Spider Written in Go Gospider is a tool to perform website crawling. Features Fast web crawling Brute force and parse sitemap.xml Parse robots.txt Generate and verify link…
Read more »
Arjun – Tool to Find Query Parameters for URL Endpoints
What is Arjun? Arjun is a tool which can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters…
Read more »
Request Smuggler – HTTP Request Smuggling Vulnerability Scanner
Request smuggler Http request smuggling vulnerability scanner Based on the amazing research by James Kettle. The tool can help to find servers that may be vulnerable to request smuggling vulnerability. Installation Linux from…
Read more »
SQLbit – Script for Automatize Boolean-Based Blind SQL Injections
SQL Blind Injection Tool Just another script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell…
Read more »