Test for access control vulnerabilities by comparing HTTP responses across two sessions. The #1 bug class in bug bounty.
OAuth / OIDC Attack Wizard
Test OAuth 2.0 and OIDC for redirect_uri bypass and more.
HTTP Request Parser
Parse raw HTTP requests and auto-extract security details.
Response Diff Analyzer
Diff HTTP responses to detect payload reflection and anomalies.
API Security Studio
OWASP API Top 10, OAuth attacks, and GraphQL testing in one place.
Companion generator
IDOR Generator