8,812 tools
ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.
ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases through automated scanning and reporting.
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases through automated scanning and reporting.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A front-end JavaScript toolkit for creating DNS rebinding attacks
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A DNS rebinding attack framework for security researchers and penetration testers.
A DNS rebinding attack framework for security researchers and penetration testers.
A tool to search for Sentry config on a page or in JavaScript files and check for blind SSRF
A tool to search for Sentry config on a page or in JavaScript files and check for blind SSRF
A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.
A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities