BrunoHalltari / CTF-Writeups
Here i will post my writeups :)
☆31Updated last year
Related projects ⓘ
Alternatives and complementary repositories for CTF-Writeups
- Same Origin XSS challenge☆56Updated 2 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆132Updated 2 months ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- Awesome MXSS ??☆45Updated last month
- Challenges I wrote for various CTF competitions☆39Updated 3 months ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆43Updated this week
- Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security☆103Updated 7 months ago
- List of Trusted Types bypasses☆85Updated 6 months ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆26Updated 3 years ago
- ctf writeups☆62Updated 2 years ago
- Phar + JPG Polyglot generator and playground (CTF CODE)☆72Updated 5 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆29Updated 2 weeks ago
- ☆34Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆137Updated 3 months ago
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆60Updated 3 months ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆49Updated this week
- Need any help bypassing CSP ?☆24Updated 3 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆100Updated 7 months ago
- ☆65Updated last month
- Find all libraries on cdn.js that pollute your prototype☆19Updated 2 years ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆115Updated last week
- LFI to RCE via phpinfo() assistance or via controlled log file☆59Updated last year
- ☆87Updated 11 months ago
- ☆39Updated 11 months ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆54Updated last year
- ☆158Updated 3 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆112Updated 5 years ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆40Updated last year