GoSecure / 44con-code-review-workshop
References, tools and sample payloads
☆10Updated 8 years ago
Alternatives and similar repositories for 44con-code-review-workshop:
Users that are interested in 44con-code-review-workshop are comparing it to the libraries listed below
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆24Updated 8 years ago
- Quickly add http and https domains to BurpSuite's scope with all paths.☆16Updated 8 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Updated 4 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- PHP tool to test XSS☆22Updated 5 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆19Updated 2 years ago
- Study about HQL injection exploitation.☆51Updated 8 years ago
- A simple grep user interface for searching code which can be used for SAST.☆8Updated 5 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆41Updated 4 years ago
- ☆20Updated 5 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- Generate pentest reports based on github issues.☆17Updated 2 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 5 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- ☆22Updated 3 years ago
- Vulnerable webapp testbed☆21Updated 8 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Updated 5 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- ☆32Updated 5 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Updated 6 years ago
- Plattform to develop and experiment with existing java web attacks.☆31Updated 7 years ago
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Updated 8 years ago
- AWS S3 Bucket/Object Finder☆25Updated 7 years ago
- Utilities for creating Burp Suite Extensions.☆21Updated 5 months ago
- Kubernetes Scanner☆40Updated 3 years ago
- Scan for open S3 buckets and dump☆37Updated 7 years ago