GoSecure / request-smuggling-workshop

Related projects ⓘ

Alternatives and complementary repositories for request-smuggling-workshop

• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆61Updated 2 years ago
• PatrikFehrenbach / vilicus
  vīlicus is a bug bounty api dashboard
  ☆40Updated last year
• honoki / burp-copy-regex-matches
  Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.
  ☆33Updated 2 years ago
• wfinn / redirex
  tool that generates bypasses for open redirects
  ☆48Updated 2 years ago
• Rhynorater / rebindMultiA
  ☆56Updated last year
• yeswehack / BCheck-Burp-scripts
  Bcheck scripts for Burp
  ☆23Updated 3 months ago
• akincibor / 403-bypass
  Enhanced 403 bypass header
  ☆21Updated 2 years ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆38Updated 10 months ago
• 303sec / log4shell-everywhere
  A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers
  ☆42Updated 2 years ago
• ZephrFish / Lepus
  Subdomain finder
  ☆10Updated 2 years ago
• cyberaz0r / Burp-IISTildeEnumerationScanner
  Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
  ☆55Updated last year
• haqqibrahim / Sling-Shot-R3con
  🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯
  ☆24Updated last year
• h1pmnh / sqli-dojo-docker
  A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment
  ☆39Updated 5 months ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆39Updated 2 years ago
• iustin24 / chameleon-wordlists
  Chameleon Wordlists
  ☆14Updated 2 years ago
• emadshanab / Burp-Bounty-free-Profiles-Collection
  ☆43Updated 3 years ago
• kh4sh3i / ElasticSearch-Pentesting
  ElasticSearch exploit and Pentesting guide for penetration tester
  ☆22Updated 2 years ago
• emadshanab / Adobe-Experience-Manager
  ☆33Updated 3 years ago
• harisec / orange-confusion-attacks
  ☆19Updated 2 months ago
• minamo7sen / burp-JS-Miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆54Updated last year
• EasyRecon / wappaGo
  ☆52Updated 6 months ago
• redhuntlabs / BurpSuite-Asset_History
  ☆33Updated 4 years ago
• emadshanab / Huge_DIR_wordlist
  ☆47Updated 3 years ago
• federicodotta / Burp-Suite-Extender-Montoya-Course
  This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …
  ☆35Updated this week
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆51Updated 2 months ago
• tr3ss / newclei
  A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.
  ☆53Updated last year
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆30Updated last year
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆48Updated 2 years ago