0ang3el / websocket-smuggle
Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
☆337Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for websocket-smuggle
- Client Side Prototype Pollution Scanner☆511Updated 2 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆527Updated 9 months ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆344Updated 2 years ago
- ☆528Updated 11 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆611Updated 9 months ago
- DNS rebinding toolkit☆250Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆804Updated 2 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆374Updated last year
- A simple SSRF-testing sheriff written in Go☆316Updated 2 weeks ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆650Updated 2 years ago
- ☆655Updated 2 years ago
- Content-Type Research☆540Updated 9 months ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆308Updated last year
- Automatic tool for DNS rebinding-based SSRF attacks☆293Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆296Updated last year
- ☆398Updated 2 years ago
- Security Testing Scripts for JWT☆308Updated 2 years ago
- ☆684Updated last year
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆274Updated 3 years ago
- Simple DNS Rebinding Service☆627Updated 4 years ago
- You can read the writeup on this script here☆267Updated 4 years ago
- HTTP file upload scanner for Burp Proxy☆397Updated last year
- ☆165Updated 3 years ago
- A mini webserver with FTP support for XXE payloads☆326Updated 10 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆253Updated 3 years ago
- ☆278Updated 3 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆405Updated this week
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated 2 years ago
- ☆128Updated 3 years ago