Bearer / bearer-rules
Rules for Bearer SAST
☆23 · Updated last week
Related projects
Alternatives and complementary repositories for bearer-rules
- Argument Injection in Dragonfly Ruby Gem ☆16 · Updated 3 years ago
- My security advisories ☆11 · Updated 9 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) ☆22 · Updated 4 months ago
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam… ☆17 · Updated last year
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list. ☆13 · Updated 2 years ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning. ☆22 · Updated 3 months ago
- OWASP ZAP add-on to detect reflected parameter vulnerabilities efficiently ☆12 · Updated 3 years ago
- Proof of Concepts for unsafe deserialization in Ruby ☆14 · Updated last month
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner… ☆15 · Updated last year
- Burp plugin for the 1Password session protocol for use by security researchers. https://bugcrowd.com/agilebits ☆55 · Updated 11 months ago
- My custom semgrep rules ☆18 · Updated 4 years ago
- WAF bypass PoC ☆43 · Updated last year
- Reference architecture and proof of concept implementation for supply chain security gateway ☆23 · Updated last year
- Encode and Fuzz Custom Protobuf Messages in Burp Suite ☆30 · Updated last year
- Query various sources for CVE proof-of-concepts ☆49 · Updated last year
- ☆29 · Updated 6 months ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests. ☆29 · Updated 2 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE-2021-44228)? ☆45 · Updated 2 years ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers ☆11 · Updated last year
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack ☆14 · Updated 6 years ago
- Fuzz WebSockets with custom Python code ☆13 · Updated 3 months ago
- Docker container for running OWASP WebGoat.NET application ☆11 · Updated 6 years ago
- A collection of my Semgrep rules ☆47 · Updated last year
- Push notifications to Slack channel or to custom server based on BurpSuite response conditions. ☆18 · Updated 3 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a… ☆17 · Updated 4 years ago
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research ☆12 · Updated 3 years ago
- Signatures for wraith used to detect secrets across various sources ☆15 · Updated 2 years ago
- A Burp Suite extension to add a custom header (e.g. JWT) ☆19 · Updated 2 years ago