Kirill89 / prototype-pollution-explained

Related projects ⓘ

Alternatives and complementary repositories for prototype-pollution-explained

• Sjord / messpostage
  PostMessage extension
  ☆95Updated 5 years ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆125Updated 6 years ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆84Updated 3 years ago
• filedescriptor / Unicode-Mapping-on-Domain-names
  ☆128Updated 3 years ago
• smiegles / extract-relative-url-heapsnapshot
  Extract relative urls from a heap snapshot
  ☆85Updated 3 years ago
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 3 years ago
• detectify / cs-challenge
  Detectify Crowdsource Challenge
  ☆63Updated 2 years ago
• ptswarm / ptswarm-twitter
  ☆75Updated 3 years ago
• bp0lr / dmut
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆156Updated 11 months ago
• hahwul / XSS-Payload-without-Anything
  XSS Payload without Anything.
  ☆102Updated 5 years ago
• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆102Updated 4 months ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆195Updated 3 years ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆296Updated last year
• szski / shapeshifter
  GraphQL security testing tool
  ☆117Updated 2 years ago
• sorokinpf / ApiWordlistGenerator
  Generate wordlists for fuzzing API method names
  ☆54Updated 4 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• dwisiswant0 / slackcat
  A simple way of sending messages from the CLI output to your Slack with webhook.
  ☆114Updated 11 months ago
• tarunkant / EndPoint-Finder
  Finds the End-Points in JavaScript files
  ☆88Updated 3 years ago
• timhudson / jwt-secret
  Bruteforce a JWT against a list of passwords
  ☆72Updated 7 years ago
• subfinder / goaltdns
  A permutation generation tool written in golang
  ☆206Updated 5 years ago
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆86Updated 7 months ago
• pwn0sec / PwnSSRF
  A Python based scanner to find potential SSRF parameters in a web application.
  ☆71Updated 3 years ago
• abdilahrf / shania
  Scan secrets from Continuous Integration Build Logs
  ☆52Updated 5 years ago
• gwen001 / bugbountytips
  Webapp to search tips on Twitter through #bugbountytips
  ☆69Updated last year
• jakejarvis / subtake
  Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
  ☆145Updated 4 years ago
• lc / jenkinz
  jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.
  ☆66Updated 5 years ago
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆173Updated 2 years ago
• sw33tLie / bcscope
  Get the scope of your bugcrowd programs
  ☆66Updated 3 years ago
• vavkamil / wp-update-confusion
  WordPress Plugin Update Confusion
  ☆67Updated 2 years ago