Search All Cybersecurity Tools

Automatic tool for DNS rebinding-based SSRF attacks

Automated SSRF finder with options for XSS and open redirects

A tool for exploiting SSRF and gaining RCE in various servers

Automatic SSRF fuzzer and exploitation tool

A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.

A tool for exploiting HTTP/2 cleartext smuggling vulnerabilities

A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

A Python library that simplifies testing and exploiting race conditions in web applications using concurrent HTTP requests.

A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.

A Kernel fuzzer focusing on race bugs

A fuzzer for detecting open redirect vulnerabilities

A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.

A security analysis tool that detects and analyzes open redirection vulnerabilities in web applications.

Automatic authorization enforcement detection extension for Burp Suite

A library of PHP unserialize() payloads and a tool to generate them.

A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.

A tool for identifying and analyzing Java serialized objects in network traffic

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

A tool for automated HTTP header injection

Obtain GraphQL API schema even if the introspection is disabled

A Burp Suite extension that formats GraphQL requests for easier reading

A GraphQL security testing tool

A scripting engine for interacting with GraphQL endpoints for pentesting purposes.

InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection