Kirill89 / prototype-pollution-exploits

Related projects ⓘ

Alternatives and complementary repositories for prototype-pollution-exploits

• w9w / bugbounty_changelogs
  ☆56Updated 8 months ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆84Updated 3 years ago
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆30Updated last year
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆39Updated 2 years ago
• sw33tLie / ugly-scripts
  A collection of scripts for bug-bounty related stuff
  ☆38Updated 4 years ago
• honoki / burp-copy-regex-matches
  Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.
  ☆33Updated 2 years ago
• joefizz / autofindomain
  ☆24Updated 3 years ago
• 303sec / log4shell-everywhere
  A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers
  ☆42Updated 2 years ago
• ZephrFish / Lepus
  Subdomain finder
  ☆10Updated 2 years ago
• GoSecure / request-smuggling-workshop
  ☆23Updated last year
• Cgboal / exclude-cdn
  Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
  ☆42Updated last year
• riramar / DesyncCL0
  A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.
  ☆35Updated 2 years ago
• Universe1122 / smuggler.py
  HTTP request smuggling tools
  ☆17Updated 4 years ago
• 1lastBr3ath / XSleaks
  Chrome extension to detect possible xsleaks
  ☆12Updated 5 years ago
• Sy3Omda / burp-bounty
  Burp Bounty profiles
  ☆82Updated 2 years ago
• emadshanab / Scan-Apple-ASN-for-vulnerabilities-and-leave-no-port
  ☆45Updated 3 years ago
• 254Labs / awesome-bambdas
  A collection of Burp Suite Lambda Filters ~ Bambdas
  ☆22Updated last month
• melbadry9 / SSLEnum
  Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)
  ☆41Updated last year
• pelaohxc / postMessageFinder
  ☆36Updated 4 years ago
• CaptainFreak / Web-CTF-Challenges
  Collection of quirky behaviours of code and the CTF challenges that I made around them.
  ☆27Updated 3 years ago
• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆37Updated 2 years ago
• TheGrandPew / Sanity
  ☆15Updated 3 years ago
• PortSwigger / ator
  ☆29Updated 7 months ago
• 0xAwali / Virtual-Host
  Modified Nuclei Templates Version to FUZZ Host Header
  ☆48Updated 2 years ago
• Co0nan / ParamsExtractor
  A burp-suite plugin that extract all parameter names from in-scope requests
  ☆29Updated 3 years ago
• terjanq / same-origin-xss
  Same Origin XSS challenge
  ☆56Updated 2 years ago
• iustin24 / chameleon-wordlists
  Chameleon Wordlists
  ☆14Updated 2 years ago
• tehryanx / sprawl
  Expand urls into one url for each path depth
  ☆32Updated 4 years ago
• emadshanab / Adobe-Experience-Manager
  ☆33Updated 3 years ago
• xxux11 / http-methods-discloser
  ☆46Updated 3 years ago