Category: Web Vulnerability Analysis
ezXSS ezXSS is an easy way to test (blind) Cross-Site Scripting. Current features: easy-to-use dashboard with statistics, payloads, view/share/search reports and more; payload generator; instant email alert on the payload; custom JavaScript...
raider – Authentication testing framework This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burp Suite allow authenticated tests, they don’t provide features to test the authentication process itself, i.e. manipulating...
sast-scan Scan is a free open-source security tool for modern DevOps teams. With an integrated multi-scanner based design, Scan can detect various kinds of security flaws in your application and infrastructure code in a single...
TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations. You can read the technique here. Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page...
What is CorsMe? A CORS misconfiguration scanner tool based on golang with speed and precision in mind! Misconfiguration types this scanner can check for: Reflect Origin checks, Prefix Match, Suffix Match, Not Escaped Dots...
firebaseExploiter FirebaseExploiter is a vulnerability discovery tool that discovers Firebase databases which are open and exploitable. Primarily built for mass hunting bug bounties and for penetration testing. Features: mass vulnerability scanning from...
VulnerableCode VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current. It is made by the FOSS community to improve and secure...
Am I Exploitable? ‘Am I Exploitable?’ is an open-source Python project that addresses the need to validate whether your system is exploitable by specific vulnerabilities. The project can help you understand...
nuclei Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. It is used to send requests across targets based on a template leading to...
What is a ReDoS vulnerability? A regular expression is the best-known text-processing utility for programmers. Many tools use regular expressions: grep, awk, and perl, for example. Besides, a regular expression is used for...