BishopFox / json-interop-vuln-labsLinks
Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
☆207Updated 2 years ago
Alternatives and similar repositories for json-interop-vuln-labs
Users that are interested in json-interop-vuln-labs are comparing it to the libraries listed below
Sorting:
- ☆180Updated last month
- ☆129Updated 4 years ago
- Predict Mongo ObjectIds☆144Updated 7 years ago
- Client-Side Prototype Pollution Tools☆85Updated 3 years ago
- XS-Leaks Wiki☆166Updated 2 months ago
- This repo contains all the injections mentioned in my talk and enumerators.☆130Updated last year
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆293Updated 2 years ago
- Client Side Prototype Pollution Scanner☆519Updated 2 years ago
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆201Updated 6 years ago
- A tool to perform Sequential Import Chaining☆271Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆302Updated 2 years ago
- ☆545Updated 4 months ago
- ☆197Updated 9 months ago
- ☆72Updated 3 years ago
- A simple SSRF-testing sheriff written in Go☆329Updated 9 months ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆163Updated 2 years ago
- AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.☆43Updated last year
- research☆151Updated last year
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆134Updated 4 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆373Updated 11 months ago
- Security Testing Scripts for JWT☆316Updated 3 years ago
- Simple "postMessage logger" Chrome extension☆98Updated 5 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆128Updated 2 years ago
- Workshop given at Hack in Paris 2019☆122Updated 2 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Grammar-based HTTP/1 fuzzer with mutation ability☆253Updated 9 months ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆260Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆199Updated last year