TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.

Go 351 30 Updated May 8, 2025

Hackmanit / template-injection-playground

The Template Injection Playground allows to test a large number of the most relevant template engines for template injection possibilities.

PHP 44 13 Updated May 8, 2025

godaddy / tartufo

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Python 502 72 Updated Mar 6, 2025

mazen160 / secrets-patterns-db

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

Python 1,137 139 Updated Jan 26, 2024

midoxnet / mapperplus

MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.

JavaScript 170 17 Updated Oct 5, 2024

andresriancho / enumerate-iam

Enumerate the permissions associated with AWS credential set

Python 1,150 179 Updated Feb 5, 2024

nccgroup / ScoutSuite

Multi-Cloud Security Auditing Tool

Python 7,130 1,089 Updated Nov 19, 2024

bl4de / dictionaries

Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks

Python 241 77 Updated May 8, 2024

JoyChou93 / java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

Java 2,510 680 Updated Dec 2, 2024

EFForg / apkeep

A command-line tool for downloading APK files from various sources

Rust 1,151 76 Updated Feb 22, 2025

bitquark / shortscan

An IIS short filename enumeration tool

Go 928 93 Updated Nov 25, 2024

trap-bytes / 403jump

HTTP 403 bypass tool

Go 509 52 Updated Mar 16, 2024

Sn1r / Forbidden-Buster

A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system. This code is made for security enthusiasts and…

Python 176 33 Updated Aug 31, 2024

iamj0ker / bypass-403

A simple script just made for self use for bypassing 403

Shell 1,885 305 Updated May 30, 2024

byt3hx / 403-bypass

403-bypass tool to bypass 403 responses.

Python 119 19 Updated Jan 17, 2023

nico989 / B1pass3r

Python tool to test known techniques to bypass 403 and 401 HTTP responses.

Python 37 6 Updated May 27, 2023

aardwolfsecurityltd / Bulk_403_Bypass

Shell 19 2 Updated Mar 4, 2023

Dheerajmadhukar / 4-ZERO-3

403/401 Bypass Methods + Bash Automation + Your Support ;)

Shell 1,476 276 Updated Jun 6, 2022

daffainfo / bypass-403

Go script for bypassing 403 forbidden

Go 153 29 Updated Aug 6, 2021

intrudir / BypassFuzzer

Fuzz 401/403/404 pages for bypasses

Python 310 39 Updated Dec 14, 2024

assetnote / blind-ssrf-chains

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

869 116 Updated Dec 31, 2021

assetnote / surf

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

Go 636 46 Updated Dec 19, 2023

s0md3v / SubGPT

Find subdomains with GPT, for free

Python 346 49 Updated Apr 18, 2024

honoki / bbrf-client

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

Python 624 90 Updated Nov 17, 2024

thr3athunt3r thr3athunt3r

Lists (7)

40X Bypass Tools

Books/Write-Up/Tutorials/Reports

Burp Extension

Hacking Labs

Mobile Hacking

OSINT

Wordlist Collection

Stars