Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Stars: ✭ 10,451 (+7058.22%)

Mutual labels: vulnerability-scanners

Burpsuite Xkeys

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Stars: ✭ 144 (-1.37%)

Mutual labels: burp-extensions

Xsscon

XSSCon: Simple XSS Scanner tool

Stars: ✭ 118 (-19.18%)

Mutual labels: vulnerability-scanners

Jsonp

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

Stars: ✭ 131 (-10.27%)

Mutual labels: burp-extensions

Gda Android Reversing Tool

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

Stars: ✭ 2,332 (+1497.26%)

Mutual labels: vulnerability-scanners

Arissploit

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Stars: ✭ 114 (-21.92%)

Mutual labels: vulnerability-scanners

Vuln Web Apps

A curated list of vulnerable web applications.

Stars: ✭ 128 (-12.33%)

Mutual labels: vulnerability-scanners

Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Stars: ✭ 103 (-29.45%)

Mutual labels: vulnerability-scanners

Sdwannewhope

SD-WAN security and insecurity

Stars: ✭ 141 (-3.42%)

Mutual labels: vulnerability-scanners

Swurg

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

Stars: ✭ 94 (-35.62%)

Mutual labels: burp-extensions

Burp Exporter

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

Stars: ✭ 122 (-16.44%)

Mutual labels: burp-extensions

Detexploit

OSS Vulnerability Scanner for Windows Platform

Stars: ✭ 146 (+0%)

Mutual labels: vulnerability-scanners

Gvmd

Greenbone Vulnerability Manager

Stars: ✭ 140 (-4.11%)

Mutual labels: vulnerability-scanners

Owasp Orizon

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

Stars: ✭ 130 (-10.96%)

Mutual labels: vulnerability-scanners

View All Similar Projects ➔

Burp-molly-scanner

Overview

The main goal of Burp-molly-scanner is to extend Burp and turn it into headless active scanner.

Usage

Build fat jar with Maven
Rewrite burp_molly_config.json
Put path to config in MOLLY_CONFIG Environment variable
Run Burp Suite in console java -jar burpsuite_pro.jar
Add Plugin in Extender Tab (once)
Run scanner in headless mode (see run.sh)
Parse resulting XML report
Integrate it to your security pipeline

Contributing

Contributions to Burp-molly-scanner are always welcome! You can help us in different ways:

Open an issue with suggestions for improvements and errors you're facing;
Fork this repository and submit a pull request;
Improve the documentation.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 146

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (0) 🔗