HoLyVieR / prototype-pollution-nsec18

Related projects ⓘ

Alternatives and complementary repositories for prototype-pollution-nsec18

• securitum / research
  research
  ☆150Updated 7 months ago
• BishopFox / json-interop-vuln-labs
  Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
  ☆197Updated last year
• filedescriptor / untrusted-types
  ☆655Updated 2 years ago
• wisec / domxsswiki
  Automatically exported from code.google.com/p/domxsswiki
  ☆518Updated 6 years ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆511Updated 2 years ago
• 0ang3el / websocket-smuggle
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆337Updated 3 months ago
• d0nutptr / sic
  A tool to perform Sequential Import Chaining
  ☆254Updated 5 years ago
• ZeddYu / HTTP-Smuggling-Lab
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆344Updated 2 years ago
• BlackFan / client-side-prototype-pollution
  Prototype Pollution and useful Script Gadgets
  ☆1,404Updated 9 months ago
• cujanovic / Markdown-XSS-Payloads
  XSS payloads for exploiting Markdown syntax
  ☆447Updated last month
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆394Updated 4 months ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆804Updated 2 years ago
• taviso / rbndr
  Simple DNS Rebinding Service
  ☆627Updated 4 years ago
• xsleaks / wiki
  XS-Leaks Wiki
  ☆150Updated 3 months ago
• neex / http2smugl
  ☆528Updated 11 months ago
• xiaofen9 / Lynx
  A Node.js vulnerability finding tool.
  ☆95Updated 4 years ago
• xsleaks / xsleaks
  A collection of browser-based side channel attack vectors.
  ☆740Updated 8 months ago
• google / csp-evaluator
  ☆330Updated 3 weeks ago
• silentsignal / rsa_sign2n
  Deriving RSA public keys from message-signature pairs
  ☆270Updated 6 months ago
• BlackFan / content-type-research
  Content-Type Research
  ☆540Updated 9 months ago
• mpgn / ByP-SOP
  🏴‍☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴‍☠️
  ☆196Updated 5 years ago
• DiogoMRSilva / websitesVulnerableToSSTI
  Simple websites vulnerable to Server Side Template Injections(SSTI)
  ☆374Updated last year
• allanlw / svg-cheatsheet
  A cheatsheet for exploiting server-side SVG processors.
  ☆695Updated 4 years ago
• ajinabraham / Node.Js-Security-Course
  Contents for Node.Js Security Course
  ☆329Updated 4 years ago
• fransr / postMessage-tracker
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,059Updated 9 months ago
• jmdx / TLS-poison
  ☆684Updated last year
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆316Updated 2 weeks ago
• filedescriptor / Unicode-Mapping-on-Domain-names
  ☆128Updated 3 years ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆527Updated 9 months ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆611Updated 9 months ago