Golim / wcde
Implementation of the Web Cache Deception detection methodology presented in the paper "Web Cache Deception Escalates!"
☆21, updated 3 months ago
Related projects:
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities (☆38, updated 10 months ago)
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js (☆52, updated 8 months ago)
- DOM Clobbering Wiki, Browser Testing, and Payload Generation (☆43, updated 9 months ago)
- Grammar-based HTTP/2 fuzzer with mutation ability (☆40, updated 2 years ago)
- Simple taint analyzer for PHP/WordPress using VKCOM/php-parser (☆18, updated 2 years ago)
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript (☆91, updated 4 months ago)
- Testability Pattern Catalogs for SAST (☆29, updated 6 months ago)
- AutoSpear (☆52, updated 8 months ago)
- Same Origin XSS challenge (☆56, updated 2 years ago)
- Searcher for cross-site leaks (XS-Leaks) (☆81, updated last year)
- SADDNS: Side Channel Based DNS Cache Poisoning Attack (☆51, updated 2 years ago)
- A collection of Server-Side Prototype Pollution gadgets and exploits (☆124, updated 3 weeks ago)
- Encode and Fuzz Custom Protobuf Messages in Burp Suite (☆30, updated last year)
- XS-Leak Browser Test Suite (☆69, updated 9 months ago)
- Artifact for ICSE 2023 (☆44, updated last year)
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts. (☆51, updated 3 months ago)
- A repository of all the CTF challenges I've made for public events (☆44, updated last year)
- A cheatsheet for exploiting server-side SVG rasterization. (☆29, updated 2 years ago)
- Dependency Confusion Security Testing Tool (☆39, updated 2 years ago)
- Some PoC (Proof-of-Concept) about vulnerability of Java deserialization of untrusted data (☆26, updated 3 years ago)
- Exploiting XSS with JavaScript/JPEG Polyglot (by @medusa_0xf) (☆21, updated 2 years ago)
- A proof-of-concept tool for detection and exploitation of Object Injection Vulnerabilities in .NET applications (☆59, updated 3 years ago)
- Collect public CTF source code repo (☆46, updated 2 years ago)
- All challenges from DiceCTF 2023 (☆68, updated last year)