Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
☆127Jan 10, 2023Updated 3 years ago
Alternatives and similar repositories for template-injection-workshop
Users that are interested in template-injection-workshop are comparing it to the libraries listed below
Sorting:
- Workshop given at Hack in Paris 2019☆126Jun 8, 2023Updated 2 years ago
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆952Dec 31, 2021Updated 4 years ago
- Random utilities from my security projects that might be useful to others☆183Jan 26, 2025Updated last year
- My CTF Challenges☆16Nov 6, 2024Updated last year
- Java XMLDecoder payload generator☆16Jul 27, 2021Updated 4 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- ☆11Dec 25, 2020Updated 5 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- ☆29Jan 10, 2023Updated 3 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- 收集规则☆30Dec 8, 2022Updated 3 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- HTTP requests of FrontPage expolit☆25Dec 19, 2013Updated 12 years ago
- An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.☆217Nov 3, 2020Updated 5 years ago
- ☆13Oct 3, 2023Updated 2 years ago
- bruteforce the admin panel☆15Jun 6, 2018Updated 7 years ago
- Pythonize Intruder Payload☆13Dec 15, 2020Updated 5 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- Convert Empire profiles to Apache mod_rewrite scripts☆29Sep 17, 2019Updated 6 years ago
- A tool to find redirection chains in multiple URLs☆78Jan 1, 2025Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- ☆562Mar 27, 2025Updated 11 months ago
- ☆27Jul 30, 2021Updated 4 years ago
- Copy as XMLHttpRequest BurpSuite extension☆32Mar 29, 2021Updated 4 years ago
- A CTFer tools bag by myself☆11May 5, 2019Updated 6 years ago
- Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only☆13Aug 22, 2021Updated 4 years ago
- Burp Extension that copies a request and builds a FFUF skeleton☆113Sep 29, 2023Updated 2 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Mar 5, 2021Updated 4 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆648Feb 21, 2024Updated 2 years ago
- This tool downloads, installs, and configures a shiny new copy of Chromium.☆471Apr 3, 2024Updated last year
- My CTF Challenges☆216Jan 4, 2026Updated last month
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Apr 5, 2021Updated 4 years ago