lutfumertceylan / Top25 Parameter

Licence: MIT
For basic research: the top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Projects that are alternatives of or similar to Top25 Parameter

Dirsearch
Web path scanner
Stars: ✭ 7,246 (+1767.53%)
Mutual labels:  pentesting, bugbounty, pentest-tool
Cloudbrute
Awesome cloud enumerator
Stars: ✭ 268 (-30.93%)
Mutual labels:  pentesting, pentest-tool, bugbounty
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-73.45%)
Mutual labels:  pentesting, pentest-tool, vulnerability-detection
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+39.43%)
Mutual labels:  pentesting, pentest-tool, bugbounty
YAPS
Yet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-90.98%)
Mutual labels:  pentesting, bugbounty, pentest-tool
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+773.97%)
Mutual labels:  pentest-tool, bugbounty
Susanoo
A REST API security testing framework.
Stars: ✭ 287 (-26.03%)
Mutual labels:  pentesting, pentest-tool
Impost3r
👻Impost3r -- A linux password thief
Stars: ✭ 355 (-8.51%)
Mutual labels:  pentesting, pentest-tool
Findom Xss
A fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-20.1%)
Mutual labels:  pentesting, bugbounty
ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-77.84%)
Mutual labels:  pentesting, vulnerability-detection
Hetty
Hetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+826.8%)
Mutual labels:  pentesting, bugbounty
Vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and the same scans for multiple targets during web application penetration testing.
Stars: ✭ 269 (-30.67%)
Mutual labels:  pentesting, pentest-tool
Open Redirect Payloads
Open Redirect Payloads
Stars: ✭ 361 (-6.96%)
Mutual labels:  pentesting, pentest-tool
Xunfeng
Xunfeng is a rapid vulnerability emergency-response and cruise-scanning system for enterprise intranets.
Stars: ✭ 3,131 (+706.96%)
Mutual labels:  pentesting, vulnerability-detection
Securitymanageframwork
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-2.58%)
Mutual labels:  pentesting, vulnerability-detection
Hackerenv
Stars: ✭ 309 (-20.36%)
Mutual labels:  pentesting, pentest-tool
Osint tips
OSINT
Stars: ✭ 322 (-17.01%)
Mutual labels:  pentesting, bugbounty
Kaboom
A tool to automate penetration tests
Stars: ✭ 322 (-17.01%)
Mutual labels:  pentesting, pentest-tool
Oneforall
OneForAll is a powerful subdomain collection tool
Stars: ✭ 4,202 (+982.99%)
Mutual labels:  pentest-tool, bugbounty
Rdpassspray
Python3 tool to perform password spraying using RDP
Stars: ✭ 368 (-5.15%)
Mutual labels:  pentesting, pentest-tool

Top 25 Vulnerability Parameters based on frequency

For basic research, these are the top 25 vulnerable parameters by frequency of use, compiled with reference to various articles. They can be used in automation tools or manual recon. Although the prevalence percentages of these parameters cannot be proven precisely, the lists were prepared by the TR Bug Hunters Community, which I founded, and by me.

This repo contains the common parameters of the following vulnerabilities:

Cross-Site Scripting (XSS)
Server-Side Request Forgery (SSRF)
Local File Inclusion (LFI)
SQL Injection (SQLi)
Remote Code Execution (RCE) [for GET and POST methods]
Open Redirect

Top 25 Cross-Site Scripting (XSS) Parameters for @trbughunters @openbugbounty

Top 25 Server-Side Request Forgery (SSRF) Parameters for @trbughunters

Top 25 Local File Inclusion (LFI) Parameters for @trbughunters

Top 25 SQL Injection Parameters for @trbughunters

Top 25 Remote Code Execution (RCE) Parameters [GET based] for @trbughunters

Top 25 Open Redirect Parameters for @lutfumertceylan
