403-bypass Are you interested in web security and want to test your skills against potential 403 bypasses?...
Web Vulnerability Analysis
JAW An open-source, prototype implementation of property graphs for JavaScript based on the esprima parser, and the EsTree SpiderMonkey Spec....
Subhunter A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain....
Upload_Bypass Upload_Bypass is a powerful tool designed to assist Pentesters and Bug Hunters in testing file upload mechanisms....
Hakuin Hakuin is a Blind SQL Injection (BSQLI) inference optimization and automation framework written in Python 3....
Egyscan Egyscan is the best web vulnerability scanner; it’s a multifaceted security powerhouse designed to fortify your...
headerpwn A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers. Install go...
The Ars0n Framework The Ars0n Framework is designed to provide aspiring Application Security Engineers with all the...
CLZero A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors. Inspired by the tool Smuggler all attack gadgets...
codetotal CodeTotal analyzes any snippet, file, or repository to detect possible security flaws such as secrets in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and...
Logsensor A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning Features login panel...
Bugsy Bugsy is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code....
WebCopilot WebCopilot is an automation tool designed to enumerate subdomains of the target and detect vulnerabilities using...
navgix navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities. Techniques Currently,...
Argus This repo contains the code for our USENIX Security ’23 paper “ARGUS: A Framework for Staged...