GoSecure / template-injection-workshopLinks
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
☆129Updated 3 years ago
Alternatives and similar repositories for template-injection-workshop
Users that are interested in template-injection-workshop are comparing it to the libraries listed below
Sorting:
- ☆283Updated 4 years ago
- Workshop given at Hack in Paris 2019☆125Updated 2 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- Everything you need about Burp Extension Generation☆157Updated 3 years ago
- Practice hacking JWT tokens☆116Updated 3 years ago
- Authenticated SSRF in Grafana☆83Updated last year
- This repo contains all the injections mentioned in my talk and enumerators.☆134Updated 2 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆112Updated last year
- Client-Side Prototype Pollution Tools☆85Updated 4 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆261Updated 3 years ago
- Burp Bounty profiles☆81Updated 4 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆345Updated 3 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆112Updated 3 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆278Updated 11 months ago
- DNS rebinding toolkit☆254Updated 2 years ago
- ☆99Updated 3 weeks ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆292Updated 6 years ago
- ☆56Updated 4 years ago
- Public Disclosures☆91Updated 3 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆54Updated 4 years ago
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.☆178Updated 4 years ago
- Recurrent Neural Network SubDomain Discovery Tool☆95Updated 3 years ago
- Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.☆113Updated 4 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆120Updated 2 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆131Updated 4 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Updated 5 years ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆56Updated 6 years ago
- PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)☆224Updated 5 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆175Updated last year
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆109Updated 5 years ago