Category: Web Vulnerability Analysis
Py3webFuzz Based on pywebfuzz, Py3webfuzz is a Python3 module to assist in the identification of vulnerabilities in web applications and web services through brute force, fuzzing, and analysis. The module does...
Security auditing and static code analysis Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Aura...
NoSQL Injector NoSQL scanner and injector. It aims to be fast, accurate, and highly usable, with an easy to understand command-line interface. Features Nosqli currently supports nosql injection detection for...
BOAST The BOAST Outpost for AppSec Testing BOAST is a server built to receive and report Out-of-Band Application Security Testing reactions. Some application security tests will only cause out-of-band reactions...
Oralyzer Oralyzer is a simple Python script capable of identifying open redirection vulnerabilities in a website. It does that by fuzzing the URL provided as input. Features Oralyzer...
PwnFox PwnFox is a Firefox/Burp extension that provides useful tools for your security audit. If you are a Chrome user you can check https://github.com/nccgroup/autochrome. Features Single click BurpProxy Connect...
Project Eagle Project Eagle is a plugin-based vulnerability scanner with threading support used for the detection of low-hanging bugs on a mass scale. Features CRLF Sensitive files (e.g. .git, info.php ..) Subdomain takeover...
SQLancer SQLancer (Synthesized Query Lancer) is a tool to automatically test Database Management Systems (DBMS) in order to find logic bugs in their implementation. We refer to logic bugs as...
CRLFuzz A fast tool to scan CRLF vulnerability written in Go
uDork uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications,...
PwnXSS A powerful XSS scanner made in Python 3.7. Main features crawling all links on a website (crawler engine) POST and GET forms are supported many settings that...
OpenRedireX: Asynchronous Open redirect Fuzzer for Humans Key Features: Takes a URL or list of URLs and fuzzes them for Open redirect issues You can specify your own payloads...
SQLi Query Tampering SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite’s Intruder. Advantages and Benefits Sqlmap is a great automated tool for SQL vulnerabilities but...
CheckXSS Detect XSS vulnerabilities in Web Applications Features Support URL encoding bypass Support Unicode encoding of HTML tag attribute value to bypass Support HTML encoding to bypass the HTML tag...
Vailyn Vailyn is a multi-phased vulnerability analysis and exploitation tool for path traversal/directory climbing vulnerabilities. It is built to make it as performant as possible and to offer a wide...