BlackFan / content-type-research
Content-Type Research
☆539Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for content-type-research
- Client Side Prototype Pollution Scanner☆511Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆802Updated 2 years ago
- ☆654Updated 2 years ago
- ☆528Updated 10 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆608Updated 8 months ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆335Updated 2 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆508Updated 9 months ago
- Unofficial documentation for the great tool Param Miner☆173Updated 2 years ago
- ☆163Updated 3 years ago
- Automated learning of regexes for DNS discovery☆358Updated last year
- Fetches javascript file from a list of URLS or subdomains.☆738Updated last year
- Gotator is a tool to generate DNS wordlists through permutations.☆453Updated 2 years ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests a…☆320Updated 3 years ago
- HTTP Request Smuggling Detection Tool☆471Updated 10 months ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆493Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆588Updated last year
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆399Updated last month
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆279Updated last year
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆458Updated this week
- HackerOne "in scope" domains☆399Updated this week
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆337Updated 4 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆231Updated 2 years ago
- ☆391Updated 3 years ago
- A fuzzer for detecting open redirect vulnerabilities☆709Updated 4 months ago
- a javascript change monitoring tool for bugbounties☆587Updated 3 months ago
- DOM XSS scanner for Single Page Applications☆394Updated 3 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆614Updated 6 months ago
- Black box fuzzer for web applications☆401Updated 4 months ago
- Turbo Intruder Scripts☆215Updated 4 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆355Updated 3 years ago