Captain-K-101 / Ssrf-labs
This Lab contain the sample codes Basic Labs related to Server-Side Request Forgery attack
☆20Updated 4 years ago
Alternatives and similar repositories for Ssrf-labs:
Users that are interested in Ssrf-labs are comparing it to the libraries listed below
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆52Updated 2 years ago
- Check if domain has bug bounty program or not☆27Updated last year
- ☆42Updated 3 years ago
- Spring4Shell Burp Scanner☆71Updated 3 years ago
- collection of various grep patterns collected from tomnomnom/gf and other places☆22Updated 4 years ago
- [CVE-2024-4956] Nexus Repository Manager 3 Unauthenticated Path Traversal Bulk Scanner☆14Updated 6 months ago
- XSS Finder Via SSTI☆55Updated last year
- Community curated list of templates for the erebus engine to find security vulnerabilities.☆16Updated 3 years ago
- Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.☆50Updated 3 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Updated 3 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆59Updated last year
- This includes all the templates of nuclei collected from different sources☆17Updated 2 years ago
- ☆36Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Updated 2 years ago
- A GO module to get domain name from SSL certificates when an IP address is provided.☆34Updated 2 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆43Updated 4 years ago
- bug bounty automation☆13Updated 3 years ago
- Perform with Massive Command Injection (Chamilo)☆21Updated last year
- Techniques / Tips and tricks for finding sensitive data exposures in Github for Penetration Testers / Bug Bounty Hunters☆16Updated 4 years ago
- Every Nuclei template that has ever appeared on Github☆26Updated 2 years ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Updated 4 years ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- ☆56Updated 3 years ago
- XSS reflector vulnerabilities exploitation extended.☆27Updated 3 years ago
- BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection☆38Updated 2 years ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆44Updated last year
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Updated 4 years ago
- This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Research☆44Updated 2 years ago
- nuclei framework scripts☆34Updated 2 years ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Updated 2 years ago