Xss-Sql-Fuzz

Vulnerability fuzzer

Automates fuzzing of XSS and SQL injection vulnerabilities in web applications using Burp Suite extensions.

burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz

GitHub

61 stars
4 watching
10 forks
Language: Python
last commit: about 6 years ago
Linked from 1 awesome list

burpburp-extensionsburpsuitepython

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
attackercan/burp-xss-sql-plugin Automated tool for detecting cross-site scripting (XSS) and SQL injection vulnerabilities in web applications. 44
initroot/burpsqltruncsanner Automatically scans endpoints for potential SQL Truncation vulnerabilities by fuzzing request parameters 62
1n3/intruderpayloads A collection of tools and methodologies for identifying vulnerabilities in web applications 3,698
wdahlenburg/logicalfuzzingengine A Python extension for Burpsuite that generates and applies payload fuzzing to test application vulnerabilities 10
ikkisoft/bradamsa A Burp Suite extension plugin to generate Intruder payloads using Radamsa, a fuzzer. 87
google/oss-fuzz-vulns Records disclosed OSS-Fuzz vulnerabilities and their impact on versions and commits 138
akenofu/url_fuzzer_401_403_bypass Fuzzes HTTP parser inconsistencies by inserting all ASCII characters at predefined insertion points in URLs 7
xer0times/sqli-query-tampering Customizable extension for Burp Suite's Intruder to generate and process SQLi payloads with various evasion techniques. 151
google/fuzzbench Automated testing of software components to identify vulnerabilities and weaknesses 1,110
bhass1/pyfuzz_can A tool for generating and testing random CAN network inputs to simulate real-world conditions. 13
bitthebyte/bitblinder A tool to detect blind XSS vulnerabilities by injecting custom payloads into HTTP requests in Burp Suite 108
henshin/filebuster A fast and flexible web application testing tool that uses brute-force methods to discover vulnerabilities 213
xnl-h4ck3r/gap-burp-extension An extension for Burp Suite that identifies potential security vulnerabilities in web applications by analyzing endpoints, parameters, and generating custom target wordlists. 1,280
ghostlulzhacks/waybacksqliscanner Scans URLs from the wayback machine and tests GET parameters for SQL injection vulnerabilities. 187
fuzzdb-project/fuzzdb A comprehensive toolset for identifying and exploiting application vulnerabilities through dynamic testing 8,288