Curated UTF-8 URL-encoded character dictionary for injection testing, fuzzing, and bypass techniques against web applications and APIs, focused on null byte injection, double encoding, and input validation evasion scenarios.
☆13Sep 20, 2021Updated 4 years ago
Alternatives and similar repositories for URL-Encode-Injection
Users that are interested in URL-Encode-Injection are comparing it to the libraries listed below
Sorting:
- Passively check for XSS character encodings☆18Feb 7, 2026Updated 2 weeks ago
- A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.☆12Jul 11, 2023Updated 2 years ago
- A BurpSuite extension for vulnerability Scanning☆29Feb 16, 2024Updated 2 years ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Feb 26, 2025Updated last year
- 网站监控☆12Nov 9, 2019Updated 6 years ago
- ☆14Aug 4, 2021Updated 4 years ago
- ☆18May 18, 2025Updated 9 months ago
- A powerful Burp extension to make bounty rain☆14Feb 1, 2022Updated 4 years ago
- stdin writes to slack☆14Feb 8, 2020Updated 6 years ago
- A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities☆106Feb 22, 2021Updated 5 years ago
- ☆18Jul 21, 2025Updated 7 months ago
- ☆38Dec 10, 2023Updated 2 years ago
- huntr.dev public disclosures/hacktivity watcher☆16Nov 5, 2023Updated 2 years ago
- text4shell(CVE-2022-42889) BurpSuite Scanner☆20Dec 9, 2022Updated 3 years ago
- CVE-2023-6875 PoC☆25Jan 15, 2024Updated 2 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- 用于检测网站是否使用了CDN机制。☆20Sep 19, 2020Updated 5 years ago
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Jun 6, 2024Updated last year
- <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" class=…☆10Jun 13, 2017Updated 8 years ago
- Hello, Attack Surface Scan, BurpSuite完全被动扫描插件,不主动发送任何请求,适合挂机使用。☆24Jul 10, 2022Updated 3 years ago
- Python/Bash automation customization script designed to automate the reconnaissance process☆21Jan 28, 2024Updated 2 years ago
- A collection of one off hacks and simple scripts☆26Mar 21, 2023Updated 2 years ago
- A tool for monitoring bug bounty programs across multiple platforms to track scope changes.☆32Feb 17, 2026Updated last week
- AWS S3 open bucket poc automated script.☆56Aug 23, 2021Updated 4 years ago
- Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.☆29Nov 7, 2023Updated 2 years ago
- A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆27Dec 9, 2024Updated last year
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆36Mar 4, 2025Updated 11 months ago
- Tools for bug bounty☆29Jul 9, 2025Updated 7 months ago
- ☆27Mar 18, 2020Updated 5 years ago
- A tool to migrate Burpsuite HTTP history to Caido☆35Apr 25, 2025Updated 10 months ago
- Google Maps API checker☆77Mar 5, 2024Updated last year
- Text4Shell的burp被动扫描插件☆36Dec 29, 2022Updated 3 years ago
- vhost scanning☆37Nov 1, 2023Updated 2 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Jul 22, 2021Updated 4 years ago
- Wordpress - Joomla - OpenCart - Drupal CMS Bruter☆11Jul 26, 2022Updated 3 years ago
- This is a compiled cheatsheet from my experience of OSCP 2023 journey. Won't say it is all-rounded but a good starting point if you wanna…☆14Oct 17, 2024Updated last year
- ☆28Sep 25, 2020Updated 5 years ago