A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Potentially dangerous files

Collection of quality safety articles

上传漏洞fuzz字典生成脚本

瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

Fuzz your Rust code with Google-developed Honggfuzz !

Fast HTTP enumerator

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Windows Kernel Drivers fuzzer

字典、payload、基础设施搭建

🤖 Repeat tests. Repeat tests. Repeat tests.

Browser Fuzz Summarize / 浏览器模糊测试综述

Fuzz test your application using your Swagger, OpenAPI or API Blueprint definition without coding

Domain name permutation engine for detecting typo squatting, phishing and corporate espionage

📚 A ultimate collection wordlists of the best-known CMS

🎯 Directory Payload List

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

github generated the repo name for me

JavaFuzz 4 Android

A python3 intruder that gave me bounties, easy to use and as fast as fuff

expansion of afl-unicorn using c++

python restful api fuzz test

software vulnerabilities

fuzz and property testing front-end for Rust

Easy fuzzing with go-fuzz

Sample files for fuzzing ImageMagick

A fuzzer for HTML5 canvas operations.

根据关键词（如用户名）快速生成相关弱口令字典