359 Open source projects that are alternatives of or similar to Csp

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

Mining parameters from dark corners of Web Archives

Extract API keys from file or url using by magic of python and regex.

Web path scanner

nodejs + express security and performance boilerplate.

A tool for testing subdomain takeover possibilities at a mass scale.

Making Favicon.ico based Recon Great again !

This challenge is Inon Shkedy's 31 days API Security Tips.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Subdomain Takeover tool written in Go

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

websocket-connection-smuggler

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

differer finds how URLs are parsed by different languages in order to help bug hunters break filters

A big list of Android Hackerone disclosed reports and other resources.

Azure Multi-subscription/tenant Monitoring Solution

Communicating Sequential Processes in JavaScript

Automated Red Team Infrastructure deployement using Docker

A fast http and https prober, to check which URLs are alive

Dump exposed HTTP .git fast

Find exploits in local and online databases instantly

Useful stuff missing from .NET for example duck typing, CSP channels, caching, money, typed ids...

A collection of response templates for invalid bug bounty reports.

a recon tool that allows searching on URLs that are exposed via shortener services

Pure C implementation of Go channels.

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

A fast HTTP Response status checker implemented in Python3

Gospider - Fast web spider written in Go

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Security Tool to Look For Interesting Files in S3 Buckets

All about bug bounty (bypasses, payloads, and etc)

SObjectizer: it's all about in-process message dispatching!

🎯 SQL Injection Payload List

#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

Multi Tool Subdomain Enumeration

RFD Checker - security CLI tool to test Reflected File Download issues

🎯 Command Injection Payload List

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A Powerful Subdomain Takeover Tool

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A collection of awesome one-liner scripts especially for bug bounty tips.

Partner Center PowerShell Module

Powerfull XSS Scanning and Parameter analysis tool&gem

The Swiss Army knife for automated Web Application Testing

Automatically brute force all services running on a target.

Random Tools for Bug Bounty

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

A concurrency C library 10x faster than Golang.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me