Content released at NorthSec 2018 for my talk on prototype pollution
☆537May 25, 2024Updated last year
Alternatives and similar repositories for prototype-pollution-nsec18
Users that are interested in prototype-pollution-nsec18 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Prototype Pollution and useful Script Gadgets☆1,606Jan 27, 2024Updated 2 years ago
- Client Side Prototype Pollution Scanner☆525Sep 17, 2022Updated 3 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,784Sep 29, 2025Updated 6 months ago
- SSRF (Server Side Request Forgery) testing resources☆2,486Oct 12, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- A collection of browser-based side channel attack vectors.☆759Mar 19, 2024Updated 2 years ago
- ☆705Nov 27, 2024Updated last year
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆348Nov 20, 2022Updated 3 years ago
- research☆152Mar 21, 2024Updated 2 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,173May 26, 2023Updated 2 years ago
- Bypassing disabled exec functions in PHP (c) CRLF☆405Oct 2, 2020Updated 5 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- Browser's XSS Filter Bypass Cheat Sheet☆1,153May 6, 2017Updated 8 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆16Oct 3, 2018Updated 7 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,080Jun 15, 2021Updated 4 years ago
- Apache Solr Injection Research☆581Jan 28, 2020Updated 6 years ago
- Multi-language web CGI interfaces exploits.☆399Aug 22, 2022Updated 3 years ago
- Collection of CTF Web challenges I made☆2,829Aug 31, 2025Updated 7 months ago
- ☆696Jul 4, 2022Updated 3 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- 🔪Browser logic vulnerabilities☆700Jan 23, 2021Updated 5 years ago
- ☆1,202Sep 2, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,135Apr 21, 2024Updated last year
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆661Feb 1, 2025Updated last year
- Deserialization payload generator for a variety of .NET formatters☆3,700Dec 23, 2024Updated last year
- ☆72Nov 20, 2017Updated 8 years ago
- A DNS rebinding attack framework.☆1,274Dec 4, 2025Updated 4 months ago
- Collections of Orange Tsai's public presentation slides.☆750Jan 1, 2025Updated last year
- ☆3,670Jan 9, 2025Updated last year
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,733Dec 1, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- My CTF Challenges☆216Jan 4, 2026Updated 3 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,794Apr 26, 2024Updated last year
- Collection of exploits/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)☆48Jul 17, 2018Updated 7 years ago
- ☆54Dec 3, 2025Updated 4 months ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,341Apr 18, 2023Updated 2 years ago
- A tiny and cute URL fuzzer☆402Nov 10, 2022Updated 3 years ago
- A Node.js vulnerability finding tool.☆96Aug 7, 2025Updated 8 months ago