param-miner
Parameter detective
An extension tool used to identify hidden parameters in web requests
1k stars
27 watching
169 forks
Language: Java
last commit: 6 days ago
Linked from 1 awesome list
Related projects:
Repository | Description | Stars |
---|---|---|
portswigger/backslash-powered-scanner | An extension for Burp Suite that scans for unknown classes of injection vulnerabilities using a novel approach | 643 |
portswigger/http-request-smuggler | An extension for Burp Suite to help identify and exploit HTTP Request Smuggling vulnerabilities. | 964 |
portswigger/reflected-parameters | Tools and techniques for exploiting reflected parameter vulnerabilities in Java-based applications | 19 |
portswigger/httpoxy-scanner | Tools to help identify vulnerabilities in web applications using HTTPoxy scanning. | 90 |
portswigger/json-decoder | Automated toolset for BurpSuite extension development and debugging | 10 |
portswigger/command-injection-attacker | An OS command injection detection and exploitation tool that provides methodologies and software for identifying and exploiting vulnerabilities in applications. | 106 |
portswigger/additional-scanner-checks | A collection of passive scanner checks to identify security vulnerabilities in web applications | 27 |
portswigger/scope-monitor | A tool to track and analyze application endpoints during testing | 17 |
portswigger/example-scanner-checks | A Java-based toolset that provides custom scanning checks and techniques for extending Burp Suite's built-in scanning capabilities. | 15 |
portswigger/active-scan-plus-plus | An extension to Burp Suite's scanning capabilities designed to identify application behavior of interest to advanced testers. | 209 |
portswigger/html5-auditor | An HTML validation and security testing tool for identifying vulnerabilities in web applications | 4 |
portswigger/replicator | An extension for the Burp Suite toolset to help developers reproduce issues discovered by pen testers | 70 |
jgillam/burp-paramalyzer | An extension for parameter analysis in web application penetration testing | 154 |
portswigger/random-ip-address-header | This Java project generates and manipulates HTTP headers to include random IP addresses for testing and development purposes. | 6 |
portswigger/pip3line | A utility for raw bytes manipulation and interception | 3 |