Tools

JSLUICE => https://www.youtube.com/watch?v=BnQBp83YbqY&t=1310s

notify => https://www.youtube.com/watch?v=wP3n1JnqtMU&pp=ygURcmVjb24gbWV0aG9kb2xvZ3k%3D

nuclei => https://www.youtube.com/watch?v=k10mHT_BLzc&list=PL4du0U9bYcLZD7vygkOltT2KAreOjhBJj

3klector https://github.com/eslam3kl/3klector

crtfinder https://github.com/eslam3kl/crtfinder

Subfinder https://github.com/projectdiscovery/subfinder

Assetfinder https://github.com/tomnomnom/assetfinder

Altdns https://github.com/infosec-au/altdns

Dirsearch https://github.com/maurosoria/dirsearch

Httpx https://github.com/projectdiscovery/httpx

Waybackurls https://github.com/tomnomnom/waybackurls

Gau https://github.com/lc/gau

Git-hound https://github.com/tillson/git-hound

Gf https://github.com/tomnomnom/gf

Gf-pattern https://github.com/1ndianl33t/Gf-Patterns

Nuclei https://github.com/projectdiscovery/nuclei

Nuclei-templates https://github.com/projectdiscovery/nuclei-templates

Subjack https://github.com/haccer/subjack
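The tools above are usually chained rather than run one by one. The script below is an added illustration of such a chain, not code from any of these projects. It assumes subfinder, assetfinder, httpx (projectdiscovery's Go tool, not the Python HTTP client of the same name), gau, waybackurls, gf with the Gf-Patterns files installed, nuclei and subjack are on PATH, and that SUBJACK_FINGERPRINTS points at subjack's fingerprints.json; the output layout and the normalize_hosts helper are this example's own choices.

```shell
#!/bin/sh
# Added example, not code from any of the projects listed above.
# Assumes on PATH: subfinder, assetfinder, httpx (projectdiscovery's Go tool,
# not the Python HTTP client of the same name), gau, waybackurls, gf with the
# Gf-Patterns files installed, nuclei and subjack; and that
# SUBJACK_FINGERPRINTS points at subjack's fingerprints.json.

# normalize_hosts DOMAIN: lowercase, trim whitespace, strip "*." prefixes and
# trailing dots, drop blank lines, keep only names inside DOMAIN, dedupe.
# Pure text processing, so it runs without any of the external tools.
normalize_hosts() {
    scope=$(printf '%s' "$1" | sed 's/\./\\./g')   # escape dots for the ERE
    tr '[:upper:]' '[:lower:]' \
      | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
            -e 's/^\*\.//' -e 's/\.$//' -e '/^$/d' \
      | grep -E "(^|\\.)${scope}\$" \
      | sort -u
}

# recon_pipeline DOMAIN [OUTDIR]: enumerate subdomains, probe live HTTP
# services, harvest historical URLs, bucket them by bug class, then run
# template scans and a takeover check. Every step after normalize_hosts
# talks to third parties or to the target, so stay inside authorized scope.
recon_pipeline() {
    domain=$1
    out=${2:-recon-$domain}
    mkdir -p "$out"

    # 1. Two independent passive sources, merged and scoped.
    {
        subfinder -d "$domain" -silent -all
        assetfinder --subs-only "$domain"
    } | normalize_hosts "$domain" > "$out/hosts.txt"

    # 2. Which of those answer HTTP(S)? httpx -silent prints bare URLs, one
    #    per line, which is what the later tools expect on stdin.
    httpx -silent -l "$out/hosts.txt" > "$out/live.txt"

    # 3. Historical URLs from two archives, deduplicated.
    {
        printf '%s\n' "$domain" | gau --subs
        printf '%s\n' "$domain" | waybackurls
    } | sort -u > "$out/urls.txt"

    # 4. gf buckets URLs by parameter names that hint at a bug class
    #    (pattern files come from the Gf-Patterns repo); each bucket is a
    #    starting point for manual testing, not a finding.
    for pattern in ssrf xss sqli redirect lfi; do
        gf "$pattern" < "$out/urls.txt" > "$out/gf-$pattern.txt"
    done

    # 5. Template-driven scan of the live hosts, medium severity and up.
    nuclei -l "$out/live.txt" -severity medium,high,critical -silent \
        -o "$out/nuclei.txt"

    # 6. Dangling-CNAME / takeover candidates across the whole host list.
    subjack -w "$out/hosts.txt" -t 100 -timeout 30 -ssl \
        -c "$SUBJACK_FINGERPRINTS" -v -o "$out/takeover.txt"
}

# Usage: sh recon.sh example.com [outdir]
if [ "$#" -ge 1 ]; then
    recon_pipeline "$@"
fi
```

Only normalize_hosts is offline; it is also the step people skip and then regret, because out-of-scope hosts pulled in by a permissive source end up in the nuclei and subjack runs. The gf buckets are parameter-name heuristics, so treat an empty gf-ssrf.txt as "nothing obvious", not "no SSRF".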

SSRF

SSRFmap - Automatic SSRF fuzzer and exploitation tool

Gopherus - Generates gopher:// links for exploiting SSRF and gaining RCE against various backend services

ground-control - A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

SSRFire - An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects

httprebind - Automatic tool for DNS rebinding-based SSRF attacks

ssrf-sheriff - A simple SSRF-testing sheriff written in Go

B-XSSRF - Toolkit to detect and keep track of Blind XSS, XXE and SSRF

extended-ssrf-search - Smart SSRF scanner using several methods, such as parameter brute forcing in POST and GET requests

gaussrf - Fetches known URLs from AlienVault's Open Threat Exchange, the Wayback Machine and Common Crawl, and filters for URLs with open redirect or SSRF parameters

ssrfDetector - Server-side request forgery detector

grafana-ssrf - Authenticated SSRF in Grafana

sentrySSRF - Tool that searches for Sentry configuration on a page or in JavaScript files and checks for blind SSRF

lorsrf - Brute-forces hidden parameters to find SSRF using GET and POST methods

singularity - A DNS rebinding attack framework.

whonow - A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

dns-rebind-toolkit - A front-end JavaScript toolkit for creating DNS rebinding attacks.

dref - DNS Rebinding Exploitation Framework

rbndr - Simple DNS Rebinding Service

dnsFookup - DNS rebinding toolkit

SQL Injection

sqlmap - Automatic SQL injection and database takeover tool

NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.

SQLiScanner - Automatic SQL injection with Charles and sqlmap api

SleuthQL - Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.

mssqlproxy - mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

sqli-hunter - SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

waybackSqliScanner - Gathers URLs from the Wayback Machine, then tests each GET parameter for SQL injection.

ESC - Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features.

mssqli-duet - SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

burp-to-sqlmap - Runs SQL injection tests on bulk Burp Suite requests using sqlmap

BurpSQLTruncSanner - Messy BurpSuite plugin for SQL Truncation vulnerabilities.

andor - Blind SQL Injection Tool with Golang

Blinder - A python library to automate time-based blind SQL injection

sqliv - massive SQL injection vulnerability scanner

nosqli - NoSQL injection CLI tool for finding vulnerable websites backed by MongoDB.

XSS Injection

XSStrike - Most advanced XSS scanner.

xssor2 - XSS'OR - Hack with JavaScript.

xsscrapy - XSS spider (detects 66/66 WAVSEP XSS test cases)

sleepy-puppy - Sleepy Puppy XSS Payload Management Framework

ezXSS - ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

xsshunter - The XSS Hunter service - a portable version of XSSHunter.com

dalfox - DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

xsser - Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

XSpear - Powerful XSS scanning and parameter analysis tool, shipped as a Ruby gem

weaponised-XSS-payloads - XSS payloads designed to turn alert(1) into P1

tracy - A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

ground-control - A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

xssValidator - Burp Intruder extension designed for automation and validation of XSS vulnerabilities.

JSShell - An interactive multi-user web JS shell

bXSS - bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

docem - Utility to embed XXE and XSS payloads in docx, odt, pptx, etc. (OXML_XEE on steroids)

XSS-Radar - XSS Radar is a tool that detects parameters and fuzzes them for cross-site scripting vulnerabilities.

BruteXSS - BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application.

findom-xss - A fast DOM based XSS vulnerability scanner with simplicity.

domdig - DOM XSS scanner for Single Page Applications

femida - Automated blind-xss search for Burp Suite

B-XSSRF - Toolkit to detect and keep track of Blind XSS, XXE and SSRF

domxssscanner - DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

xsshunter_client - Correlated injection proxy tool for XSS Hunter

extended-xss-search - A better version of my xssfinder tool - scans for different types of xss on a list of urls.

xssmap - XSSMap is a Python3 tool for detecting XSS vulnerabilities

XSSCon - XSSCon: Simple XSS Scanner tool

BitBlinder - BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities

XSSOauthPersistence - Maintaining account persistence via XSS and Oauth

shadow-workers - Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)

rexsser - Burp plugin that extracts keywords from responses using regexes and tests for reflected XSS on the target scope.

xss-flare - XSS hunter on cloudflare serverless workers.

Xss-Sql-Fuzz - Burp Suite plugin that adds XSS and SQL payloads to every GET/POST parameter (special parameters filtered out) in one click and fuzzes them

vaya-ciego-nen - Detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.

dom-based-xss-finder - Chrome extension that finds DOM based XSS vulnerabilities

XSSTerminal - Develop your own XSS Payload using interactive typing

xss2png - PNG IDAT chunks XSS payload generator

XSSwagger - A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks

XXE Injection

ground-control - A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

dtd-finder - List DTDs and generate XXE payloads using those local DTDs.

docem - Utility to embed XXE and XSS payloads in docx, odt, pptx, etc. (OXML_XEE on steroids)

xxeserv - A mini webserver with FTP support for XXE payloads

xxexploiter - Tool to help exploit XXE vulnerabilities

B-XSSRF - Toolkit to detect and keep track of Blind XSS, XXE and SSRF

XXEinjector - Tool for automatic exploitation of XXE vulnerabilities using direct and various out-of-band methods.

oxml_xxe - A tool for embedding XXE/XML exploits into different filetypes

metahttp - A bash script that automates the scanning of a target network for HTTP resources through XXE


Passwords

  • thc-hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack.

  • DefaultCreds-cheat-sheet - One place for all the default credentials, to assist blue and red team activities in finding devices with default passwords

  • changeme - A default credential scanner.

  • BruteX - Automatically brute force all services running on a target.

  • patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Secrets

  • git-secrets - Prevents you from committing secrets and credentials into git repositories

  • gitleaks - Scan git repos (or files) for secrets using regex and entropy

  • truffleHog - Searches through git repositories for high entropy strings and secrets, digging deep into commit history

  • gitGraber - gitGraber: monitor GitHub to search and find sensitive data in real time for different online services

  • talisman - By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.

  • GitGot - Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

  • git-all-secrets - A tool to capture all the git secrets by leveraging multiple open source git searching tools

  • github-search - Tools to perform basic search on GitHub.

  • git-vuln-finder - Finding potential software vulnerabilities from git commit messages

  • commit-stream - #OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API

  • gitrob - Reconnaissance tool for GitHub organizations

  • repo-supervisor - Scan your code for security misconfiguration, search for passwords and secrets.

  • GitMiner - Tool for advanced mining for content on Github

  • shhgit - Ah shhgit! Find GitHub secrets in real time

  • detect-secrets - An enterprise friendly way of detecting and preventing secrets in code.

  • rusty-hog - A suite of secret scanners built in Rust for performance. Based on TruffleHog

  • whispers - Identify hardcoded secrets and dangerous behaviours

  • yar - Yar is a tool for plunderin' organizations, users and/or repositories.

  • dufflebag - Search exposed EBS volumes for secrets

  • secret-bridge - Monitors Github for leaked secrets

  • earlybird - EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

  • Trufflehog-Chrome-Extension - Browser extension version of TruffleHog that scans the JavaScript loaded by pages you browse for leaked keys and secrets

  • noseyparker - Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
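Several of the scanners above (gitleaks, truffleHog, rusty-hog) describe themselves as regex-plus-entropy detectors. The script below is an added illustration of that approach in POSIX shell and awk, not code from any of those projects. The AWS key-ID shape, the 4.5 bits-per-character threshold, the 20-character minimum token length and the sample file are this example's own choices; the key values in the sample are the placeholders from AWS's documentation, not live credentials.

```shell
#!/bin/sh
# Added example; not code from gitleaks, truffleHog or any tool listed above.
# It combines the two detection techniques those scanners rely on: a fixed
# pattern for key formats with a known shape, and Shannon entropy for opaque
# tokens that have no shape. POSIX sh + awk, no external tools.

# shannon_entropy STRING: prints bits per character, 4 decimals.
shannon_entropy() {
    printf '%s' "$1" | awk '
        { s = s $0 }
        END {
            n = length(s)
            for (i = 1; i <= n; i++) cnt[substr(s, i, 1)]++
            for (c in cnt) { p = cnt[c] / n; h -= p * log(p) / log(2) }
            printf "%.4f\n", h
        }'
}

# scan_secrets: reads text on stdin (a diff, a config file, a log) and prints
# one line per finding: <line-number> <reason> <token>. Override the knobs via
# ENTROPY_THRESHOLD (bits/char) and MIN_TOKEN_LEN in the environment.
scan_secrets() {
    awk -v thr="${ENTROPY_THRESHOLD:-4.5}" -v minlen="${MIN_TOKEN_LEN:-20}" '
        function entropy(s,    i, n, c, cnt, p, h) {
            n = length(s)
            for (i = 1; i <= n; i++) cnt[substr(s, i, 1)]++
            for (c in cnt) { p = cnt[c] / n; h -= p * log(p) / log(2) }
            return h
        }
        # AWS access key IDs: "AKIA" + 16 uppercase alphanumerics. Their
        # entropy is too low to trip the threshold, hence the fixed shape.
        function is_aws_key_id(t) {
            return length(t) == 20 && substr(t, 1, 4) == "AKIA" && t ~ /^[A-Z0-9]+$/
        }
        {
            # Tokens: runs of base64 / hex / identifier characters.
            n = split($0, tok, /[^A-Za-z0-9+\/=_-]+/)
            for (i = 1; i <= n; i++) {
                t = tok[i]
                if (t == "") continue
                if (is_aws_key_id(t))
                    printf "%d aws-access-key-id %s\n", NR, t
                else if (length(t) >= minlen && entropy(t) > thr)
                    printf "%d high-entropy(%.2f) %s\n", NR, entropy(t), t
            }
        }'
}

# Constructed sample: a fake ~/.aws/credentials-style file. The key ID and
# secret are the placeholder values from the AWS documentation, not live
# credentials; the last line is a long but low-entropy string.
sample_input() {
    cat <<'EOF'
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region = us-east-1
banner = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
EOF
}

# Usage: sh secretscan.sh FILE   (no argument scans the constructed sample)
if [ "$#" -ge 1 ]; then
    scan_secrets < "$1"
else
    sample_input | scan_secrets
fi
```

The fixed pattern matters: the sample key ID scores only about 3.7 bits per character, well under the threshold, so an entropy-only scanner misses it, while the 40-character secret scores about 4.66 and is caught. The flip side is false positives on anything long and mixed-case, such as URL paths and content hashes, which is why the real tools pair entropy with allowlists and per-file-type rules.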

Git

  • GitTools - A repository with 3 tools for pwn'ing websites with .git repositories available

  • gitjacker - Leak git repositories from misconfigured websites

  • git-dumper - A tool to dump a git repository from a website

  • GitHunter - A tool for searching a Git repository for interesting content

  • dvcs-ripper - Rip web accessible (distributed) version control systems: SVN/GIT/HG...

  • Gato (Github Attack TOolkit) - GitHub Self-Hosted Runner Enumeration and Attack Tool
