Client-Side Prototype Pollution Tools
☆87Sep 21, 2021Updated 4 years ago
Alternatives and similar repositories for cspp-tools
Users that are interested in cspp-tools are comparing it to the libraries listed below
Sorting:
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- Prototype Pollution and useful Script Gadgets☆1,601Jan 27, 2024Updated 2 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- Scanner for Cross-Site WebSocket Hijacking☆41Feb 19, 2026Updated last month
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆518Jun 22, 2022Updated 3 years ago
- ☆563Mar 27, 2025Updated 11 months ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- Collection of tools to interact with Intigriti website☆17Aug 10, 2024Updated last year
- A collection of scripts for bug-bounty related stuff☆39Sep 4, 2020Updated 5 years ago
- Adobe Experience Manager Vulnerability Scanner☆186May 22, 2023Updated 2 years ago
- Prototype Pollution exploits collection☆37Aug 8, 2021Updated 4 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- research☆152Mar 21, 2024Updated 2 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆408Dec 24, 2022Updated 3 years ago
- Content-Type Research☆658Jun 29, 2025Updated 8 months ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.☆134Jul 11, 2021Updated 4 years ago
- Prototype Pollution Scanner☆139Apr 11, 2021Updated 4 years ago
- Subdomain enumeration statistics and wordlists from bugbounty scopes.☆34Mar 24, 2022Updated 3 years ago
- ☆170Oct 4, 2021Updated 4 years ago
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 3 months ago
- Searcher for cross-site leaks (XS-Leaks)☆81Dec 27, 2022Updated 3 years ago
- Same Origin XSS challenge☆64Apr 7, 2022Updated 3 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Chrome extension to detect possible xsleaks☆12May 4, 2019Updated 6 years ago
- A high performance TCP SYN port scanner.☆316Mar 2, 2024Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆660Aug 28, 2025Updated 6 months ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30May 6, 2020Updated 5 years ago
- ☆17Dec 14, 2022Updated 3 years ago
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Nov 5, 2022Updated 3 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆50Feb 27, 2026Updated 3 weeks ago
- ☆437Jun 1, 2021Updated 4 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆189Aug 8, 2024Updated last year
- A collection of utilities to simplify the creation of Burp Suite plugins☆22Dec 14, 2023Updated 2 years ago
- Fetch the details of assets hosted on AWS.☆88Dec 4, 2023Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆959Dec 31, 2021Updated 4 years ago