A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
-
Updated
Sep 27, 2021 - BlitzBasic
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
Fuzz your Rust code with Google-developed Honggfuzz !
Fuzz test your application using your OpenAPI or Swagger API definition without coding
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
Black box fuzzer for web applications
OneScan是一个递归目录扫描的BurpSuite插件
property testing and verification front-end for Rust
Add a description, image, and links to the fuzz topic page so that developers can more easily learn about it.
To associate your repository with the fuzz topic, visit your repo's landing page and select "manage topics."