Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.
☆277Jan 28, 2025Updated last year
Alternatives and similar repositories for Collabfiltrator
Users that are interested in Collabfiltrator are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆659Feb 21, 2024Updated 2 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Dec 2, 2020Updated 5 years ago
- ☆36Jul 15, 2020Updated 5 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,802Apr 26, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆369Apr 14, 2022Updated 4 years ago
- Piper Burp Suite Extender plugin☆130Jan 14, 2026Updated 4 months ago
- Various Payload wordlists☆241Apr 26, 2025Updated last year
- Hacked together script for feeding urls into Burp's Sitemap☆94Dec 7, 2025Updated 5 months ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆340Aug 23, 2019Updated 6 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆156Aug 21, 2020Updated 5 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆64Apr 17, 2020Updated 6 years ago
- DNS rebinding toolkit☆253May 22, 2023Updated 3 years ago
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆69Feb 3, 2020Updated 6 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- ☆563Mar 27, 2025Updated last year
- ☆240Apr 20, 2019Updated 7 years ago
- Apache Solr Injection Research☆581Jan 28, 2020Updated 6 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆305Aug 21, 2020Updated 5 years ago
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.☆177Oct 12, 2021Updated 4 years ago
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Feb 12, 2023Updated 3 years ago
- Public Disclosures☆92Feb 13, 2022Updated 4 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆684Jan 28, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- RCE 0-day for GhostScript 9.50 - Payload generator☆543Sep 8, 2021Updated 4 years ago
- DOM XSS scanner for Single Page Applications☆415Nov 15, 2025Updated 6 months ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Sep 2, 2020Updated 5 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 5 years ago
- ☆284Nov 12, 2021Updated 4 years ago
- A collection of scripts used to interact with the Burp Rest API☆56Feb 11, 2019Updated 7 years ago
- A simple SSRF-testing sheriff written in Go☆338Oct 31, 2024Updated last year
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,777Apr 22, 2026Updated last month
- cve-2020-0688☆165Feb 26, 2020Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Take a list of domains/subdomains and probe for working http/https server.☆193Sep 8, 2020Updated 5 years ago
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆252Apr 27, 2020Updated 6 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆224Jul 10, 2020Updated 5 years ago
- You can read the writeup on this script here☆191May 9, 2026Updated 2 weeks ago
- SSRF (Server Side Request Forgery) testing resources☆2,494Oct 12, 2024Updated last year
- You can read the writeup on this script here☆273Jul 12, 2020Updated 5 years ago