Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
☆75Jan 21, 2024Updated 2 years ago
Alternatives and similar repositories for silent-spring
Users that are interested in silent-spring are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of Server-Side Prototype Pollution gadgets and exploits☆230Feb 6, 2025Updated last year
- linux ebpf backdoor demo☆12Nov 20, 2024Updated last year
- TC39 proposal for mitigating prototype pollution☆53Aug 29, 2023Updated 2 years ago
- PoC☆12Apr 7, 2025Updated last year
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆57Oct 25, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆40Oct 4, 2024Updated last year
- ☆16Feb 27, 2026Updated 3 months ago
- DNS Tunneling as net.Conn☆16Dec 22, 2024Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆168Jan 29, 2024Updated 2 years ago
- pwn envs based on docker of ubuntu16.04,18.04,20.04☆10Dec 4, 2022Updated 3 years ago
- ☆22Nov 3, 2022Updated 3 years ago
- ☆29Aug 30, 2022Updated 3 years ago
- Exploit for CVE-2024-0402 in Gitlab☆15Mar 18, 2025Updated last year
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆118Feb 13, 2026Updated 3 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆24May 11, 2024Updated 2 years ago
- ☆20Jan 19, 2026Updated 4 months ago
- ☆10Mar 5, 2023Updated 3 years ago
- kill AV/EDR☆20Jun 9, 2023Updated 2 years ago
- Challenges I wrote for various CTF competitions☆44Jul 21, 2024Updated last year
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- Argument Injection in Dragonfly Ruby Gem☆16May 26, 2021Updated 5 years ago
- 通过 ebpf(bcc) 在 TCP 包中插入 TOA,实现任意 TOA 伪造☆28Dec 12, 2023Updated 2 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆23Feb 11, 2023Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Shellcode execution via x86 inline assembly based on MSVC syntax☆17Apr 26, 2023Updated 3 years ago
- Pentest Q&A trick written in Vietnamese☆11May 16, 2019Updated 7 years ago
- Prototype Pollution and useful Script Gadgets☆1,623Jan 27, 2024Updated 2 years ago
- Awesome MXSS ??☆57Sep 30, 2024Updated last year
- My security presentations☆29Aug 21, 2023Updated 2 years ago
- Tools for Attacking Pleasant Password Server☆23Sep 19, 2023Updated 2 years ago
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆94Aug 25, 2025Updated 9 months ago
- WAF Environment for OpenAI Gym☆15Dec 13, 2020Updated 5 years ago
- GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit☆38Feb 8, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- CodeQL extractor for java, which don't need to compile java source☆347Nov 25, 2022Updated 3 years ago
- Community Eventing and Scripting examples☆19Aug 11, 2025Updated 9 months ago
- ☆75Jun 17, 2025Updated 11 months ago
- A tool to search for gadgets, operations, and ROP chains using a backtracking algorithm in a tree-like structure☆19Jun 13, 2023Updated 2 years ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆71Jul 22, 2025Updated 10 months ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆184Sep 19, 2024Updated last year
- Some practices for ML Security, like XSS、Webshell detection...☆15Aug 28, 2019Updated 6 years ago