Client-Side Prototype Pollution Tools
☆87Sep 21, 2021Updated 4 years ago
Alternatives and similar repositories for cspp-tools
Users that are interested in cspp-tools are comparing it to the libraries listed below
Sorting:
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- Prototype Pollution and useful Script Gadgets☆1,584Jan 27, 2024Updated 2 years ago
- Collection of tools to interact with Intigriti website☆16Aug 10, 2024Updated last year
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆518Jun 22, 2022Updated 3 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- A collection of scripts for bug-bounty related stuff☆39Sep 4, 2020Updated 5 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- Scanner for Cross-Site WebSocket Hijacking☆41Feb 19, 2026Updated last week
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.☆134Jul 11, 2021Updated 4 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆406Dec 24, 2022Updated 3 years ago
- ☆562Mar 27, 2025Updated 11 months ago
- Adobe Experience Manager Vulnerability Scanner☆186May 22, 2023Updated 2 years ago
- Prototype Pollution exploits collection☆37Aug 8, 2021Updated 4 years ago
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆189Aug 8, 2024Updated last year
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Prototype Pollution Scanner☆139Apr 11, 2021Updated 4 years ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30May 6, 2020Updated 5 years ago
- ☆56Aug 26, 2021Updated 4 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 3 months ago
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Nov 5, 2022Updated 3 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆50Sep 5, 2024Updated last year
- Content-Type Research☆657Jun 29, 2025Updated 8 months ago
- grapX will iterate through the URLs and grep the endpoints with all possible extensions.☆56Mar 23, 2021Updated 4 years ago
- research☆152Mar 21, 2024Updated last year
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 4 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆390Aug 15, 2024Updated last year
- A high performance TCP SYN port scanner.☆318Mar 2, 2024Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆659Aug 28, 2025Updated 6 months ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆953Dec 31, 2021Updated 4 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- Some vulnerability research slides that I made☆12Jan 5, 2022Updated 4 years ago