Web Application Security
71 tools found
J2EEScan
Burp Suite plugin that enhances test coverage for J2EE-based web applications.
Burp Encode IP
Burp extension encoding IPs to test SSRF, RFI, and open redirect flaws.
BlackWidow
Web spider that collects URLs and tests for common OWASP vulnerabilities.
SwaggerJACKER
sj is a command line tool designed to assist with auditing of exposed Swagger/OpenAPI definition files by checking the associated API endpoints for weak authentication. It also provides command templates for manual vulnerability testing.
ppmap
A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the global context) to perform XSS via Prototype Pollution.
Padding Oracle Attacker
CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.
WAF Bypass Tool
WAF Bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community.
SafeLine
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits.
BurpSmartBuster
A Burp Suite content discovery plugin that add the smart into the Buster!
