dgnnpllamcglhcfmppgijeindohkkabm
Professional security testing toolkit for ethical hackers and penetration testers CyberInject is a professional security testing toolkit designed for authorized penetration testers and ethical hackers. Payload Collections - XSS Payloads - 15 cross-site scripting test vectors - SQL Injection - 15 database injection payloads - SSRF - 12 server-side request forgery tests - LFI - 12 local file inclusion vectors - Other Vulnerabilities - 15 additional security tests including XXE, SSTI, Command Injection, and Log4Shell Enhanced Tools - Encoding/Decoding Tools - URL, Base64, HTML Entity, and Hex encoding/decoding - Payload Variation Generator - Automatically generate multiple variations of payloads (case changes, encoding, obfuscation) - Character Counter - Count characters, words, and lines in your payloads - Custom Payloads - Add, organize, and permanently save your own custom injection payloads Smart Features - Real-time Search - Instantly search through all payloads, tools, and references across all categories - Session History- Automatic tracking of all copied payloads with timestamps for audit trails - One-click Copying - Quick clipboard integration with visual feedback - Reference Library - Quick access to HTTP status codes, common ports, OWASP Top 10, and security resources - Intuitive Tabbed Interface - Organized by vulnerability type with smooth navigation - Keyboard Shortcuts - Press 1-8 to quickly switch between categories - Professional Design - Clean, security-focused interface with smooth scrolling fade effects - Smart Search Bar - Filter payloads in real-time as you type - Persistent Storage - All custom payloads and history saved permanently across browser sessions - Instant History Updates - See your testing history update immediately as you work PERFECT FOR: - Security professionals and penetration testers - Bug bounty hunters conducting authorized research - Security training and educational purposes - Authorized vulnerability assessments - Red team operations and security audits - Researchers who need to organize and track custom payloads - Teams who need consistent payload references This extension provides quick access to common security testing payloads without requiring external tools or references. All features work offline with no network requests or data collection. Custom payloads and history are saved permanently using browser storage (chrome.storage API) and will persist across extension sessions. The extension includes: - 69+ pre-loaded security testing payloads - 6 encoding/decoding tools - Comprehensive reference documentation - Unlimited custom payload storage - Complete session history tracking - Real-time search across all content This tool is intended solely for authorized security testing. Users must obtain explicit written permission before testing any systems and comply with all applicable laws. Unauthorized use is prohibited and may be illegal in your jurisdiction. Want to explore the source code or contribute? Check out the project on GitHub: https://github.com/CyberNilsen/CyberInject Version 1.3.0 - Now with enhanced search, history tracking, encoding tools, and improved user experience!
LPR - Ultimate Recon & Bug Hunting Tool
LPR (Live Params & Redirects) is an all-in-one reconnaissance and… LPR (Live Params & Redirects) is an all-in-one reconnaissance and vulnerability scanning assistant designed for Bug Bounty Hunters, Penetration Testers, and Web Developers. Instead of wasting time inspecting elements and grepping through minified JavaScript files, LPR automatically extracts and categorizes every potential injection point and hidden asset on the page. 🕵️♂️ Deep Parameter Extraction: Automatically scrapes parameters from HTML forms, DOM inputs, and JavaScript variables (var, let, const). 🔗 Advanced Asset Discovery: Digs into external .js files to find full URLs (S3 buckets, API endpoints) and hidden Routes (e.g., /api/v1/admin) that are invisible in the UI. ⚔️ XSS & Security Scanner: proactively hunts for Dangerous Sinks (innerHTML, eval), React/Vue bypass patterns, and javascript: URIs to speed up your XSS discovery. 🆔 IDOR Hunting: Instantly lists all ID-related patterns (e.g., user_id, order_uuid, account_id) found in the source code with line numbers. 🔀 Redirect Analysis: Detects potential Open Redirect vulnerabilities by scanning for window.location, meta refresh, and navigation sinks. 💾 Accumulative Scanning: Data is saved as you browse. The extension prevents accidental tab closing to ensure you never lose your reconnaissance data during a session. Why LPR? Whether you are looking for hidden API endpoints, testing for IDORs, or hunting for DOM-based XSS, LPR gives you a bird's-eye view of the target's attack surface in seconds.
DOM XSS Highlighter — Pro
Highlights user-controlled reflections in DOM to help detect risky contexts. Run only on sites you own or may test. DOM XSS Highlighter helps developers and security testers quickly spot user-controlled reflections inside a webpage’s DOM. By highlighting URL parameters, hash fragments, and other inputs that appear in risky contexts, it makes it easier to catch potential security issues during development and QA. ✨ Features • On-demand scanning (runs only when you click the extension) • Highlights user input in text, HTML, attributes, and scripts • Quick “rescan” and “clear” controls for fast testing • Click highlighted text to copy a structured JSON report • Local-only: no data ever leaves your browser Simple interface with professional security look ⚠️ Note: For educational and authorized testing only. Use on websites you own or have explicit permission to test.
VAPT Assistant Pro+
Advanced VAPT toolkit with AI, security headers, WAF detection, DNS/WHOIS tools, subdomain scanner, and VirusTotal integration. Unlock powerful web security and penetration testing capabilities with VAPT Assistant Pro+, the ultimate Chrome extension for pentesters, ethical hackers, and cyber security professionals. This all-in-one pentest tool and penetration testing toolkit provides everything you need for efficient vulnerability assessment, ethical hacking, and security testing directly in your browser. VAPT Assistant Pro+ offers a wide range of pentesting tools for comprehensive vulnerability assessment and penetration testing (VAPT), making it an essential tool for security analysts, bug bounty hunters, and IT professionals. Conduct advanced penetration testing, automate vulnerability scanning, analyze web application security, and strengthen your cyber security posture—all with an intuitive, user-friendly interface. Key features include web application pentesting, automated VAPT scans, cyber security analysis, ethical hacking tools, and real-time security monitoring. Whether you are performing manual security audits or automated tests, this extension simplifies your workflow and boosts your productivity. This extension helps you during a web application penetration testing and report writing so it was a checklist management tool pentester can also add custom bug bounty checklist also this extension is secure using MPIN pentest tool, pentesting tool, penetration testing tool, pentest toolkit, cyber security tool, ethical hacking tool, VAPT, vulnerability assessment, security testing, web application security, bug bounty, security analyst, IT security, browser extension, web security tool, automated pentest. Take your penetration testing and cyber security efforts to the next level with VAPT Assistant Pro+, the best Chrome extension for ethical hackers and penetration testers!
Hunter Search
Otimize buscas para pentest e bug bounty com dorks automáticos. Hunter Search – Dorks Inteligentes para Pentest e Bug Bounty Otimize suas buscas de segurança! O Hunter Search é a extensão definitiva para profissionais de pentest, bug bounty hunters e entusiastas de segurança que desejam encontrar informações sensíveis, vulnerabilidades e exposições públicas de forma rápida, prática e inteligente. Principais Funcionalidades - Montagem Avançada de Dorks: Combine palavras-chave, múltiplos sites, operadores Google e dorks prontos (IDOR, XSS, SQLi, AWS, arquivos sensíveis, leaks, painéis admin e muito mais) em uma interface intuitiva. - Pré-visualização em Tempo Real: Veja como ficará sua query antes de buscar, garantindo precisão e controle total. - Busca Multi-Plataforma: Escolha entre Google, Bing ou DuckDuckGo para ampliar suas possibilidades de descoberta. - Histórico e Favoritos: Salve e reutilize suas queries mais usadas. Nunca mais perca aquele dork perfeito! - Botões Rápidos: Copie, limpe ou favorite suas buscas com apenas um clique. - Modo Escuro/Claro Automático: Interface moderna, responsiva e confortável para qualquer hora do dia. - Tooltips e Ajuda: Dicas rápidas em cada campo para facilitar o uso, mesmo para quem está começando. Exemplos de uso - Encontrar vazamentos de chaves AWS em repositórios públicos. - Buscar arquivos sensíveis (.env, config, credentials) em sites e domínios específicos. - Descobrir endpoints de administração, painéis e dashboards expostos. - Pesquisar por vulnerabilidades comuns (IDOR, XSS, SQLi) em qualquer site. - Montar dorks customizados para investigações avançadas. Por que usar o Hunter Search? - Produtividade: Economize tempo montando queries complexas com poucos cliques. - Personalização: Adapte a busca ao seu objetivo, seja para bug bounty, CTF, OSINT ou auditoria. - Praticidade: Tudo em um só lugar, sem precisar decorar dorks ou operadores. Hunter Search Otimize suas buscas. Encontre vulnerabilidades. Eleve seu bug bounty!
