araselmir's Stars
ifconfig-me/Path-Traversal-Scanner
wapiti-scanner/wapiti
Web vulnerability scanner written in Python3
Ph33rr/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
bitquark/shortscan
An IIS short filename enumeration tool
ayoubfathi/leaky-paths
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
hisxo/gitGraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
x1337loser/Dependency-Confusion
All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
thewhiteh4t/FinalRecon
All In One Web Recon
the-robot/sqliv
massive SQL injection vulnerability scanner
JohnTroony/Blisqy
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
zzzteph/sheye
Opensource assets and vulnerability scanning tool
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
0xKayala/NucleiFuzzer
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
Impact-I/x8-Burp
Hidden parameters discovery suite
NARKOZ/hacker-scripts
Based on a true story
NagliNagli/Shockwave-OSS
stamparm/DSSS
Damn Small SQLi Scanner
CiscoCXSecurity/bbqsql
SQL Injection Exploitation Tool
jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
digininja/CeWL
CeWL is a Custom Word List Generator
m4ll0k/Atlas
Quick SQLMap Tamper Suggester
synacktiv/eos
Enemies Of Symfony - Debug mode Symfony looter
smxiazi/xia_sql
xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。
RobertJonnyTiger/Blind-SQLi-Tool
auto_SQLi, an automatic blind SQLi Tool that dumps tables from POST or GET requests.
bambish/ScanQLi
SQLi scanner to detect SQL vulns
1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
ron190/jsql-injection
jSQL Injection is a Java application for automatic SQL database injection.
1N3/Sn1per
Attack Surface Management Platform
TritonDataCenter/pkgsrc-legacy
Automatically updated conversion of the "pkgsrc" module from anoncvs.netbsd.org
austinsonger/payloadsandlists
Payloads and Lists