JordanMilne / Advocate
An SSRF-preventing wrapper around Python's requests library. Advocate is no longer maintained, please fork and rename if you would like to continue work on it.
☆93Updated last year
Alternatives and similar repositories for Advocate:
Users that are interested in Advocate are comparing it to the libraries listed below
- SSRF Protection Library for PHP - http://safecurl.fin1te.net☆73Updated last year
- The databases, API's and managers behind https://websecweekly.org☆50Updated 10 years ago
- Monitor arbitrary TCP traffic using your HTTP interception proxy of choice☆48Updated 7 years ago
- ☆32Updated 9 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- Fuzzing things with afl and python-afl☆59Updated 8 years ago
- A security tool to fingerprint PNG libraries used by web applications☆80Updated 5 years ago
- A Scaleable and Asynchronous Framework for Testing Tools built on Kubernetes☆35Updated 7 years ago
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆56Updated 3 years ago
- Resources for developers and security engineers to learn the ropes of application security☆97Updated 6 years ago
- An SSRF-preventing wrapper around Node's request module☆26Updated 6 years ago
- A Firefox extension and WebSocket handler that checks S3/Google/Azure buckets while your browse.☆37Updated 4 years ago
- An example of a vulnerable slack bot that runs in AWS lambda.☆19Updated 7 years ago
- badbucket checks your s3 bucket for common misconfigurations☆23Updated 7 years ago
- a mass web screenshot tool for mapping web networks.☆24Updated 9 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆166Updated last year
- burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…☆157Updated 6 years ago
- Files from Zeronights presentation.☆28Updated 12 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 5 years ago
- ☆11Updated 8 years ago
- ☆9Updated 7 years ago
- Viewstate Hidden Control Enumerator☆17Updated 11 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆48Updated 2 years ago
- A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…☆140Updated 8 months ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Updated 5 years ago
- A Go API client for HackerOne (api.hackerone.com)☆41Updated 8 years ago
- A HackerOne API client for Python☆19Updated 7 years ago
- Use computer vision to determine if an IDN can be interpreted as something it's not☆62Updated 7 years ago
- URLCrazy☆31Updated 11 years ago
- Exploit insecure crossdomain.xml files.☆26Updated 7 years ago