BrunoHalltari / CTF-WriteupsLinks
Here i will post my writeups :)
☆32Updated 2 years ago
Alternatives and similar repositories for CTF-Writeups
Users that are interested in CTF-Writeups are comparing it to the libraries listed below
Sorting:
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- Same Origin XSS challenge☆61Updated 3 years ago
- Awesome MXSS ??☆50Updated 8 months ago
- ☆166Updated 3 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆51Updated last month
- ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com☆21Updated 2 years ago
- Challenges I wrote for various CTF competitions☆43Updated 10 months ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆50Updated last month
- A collection of Server-Side Prototype Pollution gadgets and exploits☆189Updated 3 months ago
- ☆63Updated 2 years ago
- List of Trusted Types bypasses☆93Updated last year
- Need any help bypassing CSP ?☆29Updated 4 years ago
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆68Updated 3 months ago
- Blog about HTTP Request Smuggling, including a demo application.☆27Updated 3 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆90Updated 7 months ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆108Updated last year
- ☆56Updated 3 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆163Updated 9 months ago
- Wordlist to bruteforce for LFI☆123Updated 5 years ago
- A cheatsheet for exploiting server-side SVG rasterization.☆30Updated 2 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆36Updated 2 years ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆48Updated last year
- ☆18Updated 2 months ago
- ☆176Updated 4 years ago
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆59Updated this week
- Fast exfiltration of text using only CSS and Ligatures☆50Updated last month
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆159Updated last year