KishanBagaria / padding-oracle-attacker
π CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.
β197Updated last year
Related projects: β
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filteringβ209Updated 3 years ago
- π΄ββ οΈ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files π΄ββ οΈβ196Updated 5 years ago
- A natural evolution of Burp Suite's Repeater toolβ194Updated 7 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.β251Updated 2 years ago
- DNS rebinding toolkitβ250Updated last year
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.β169Updated 2 years ago
- β128Updated 3 years ago
- A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating systemβ197Updated last year
- Predict Mongo ObjectIdsβ125Updated 6 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.β343Updated last year
- Linux privilege escalation via LXDβ129Updated 4 years ago
- notes and code on past CTFsβ99Updated 3 years ago
- β145Updated 2 years ago
- Simple python script to extract unsafe functions from php projectsβ195Updated 6 years ago
- DupeKeyInjectorβ134Updated 2 years ago
- HTTP.ninjaβ147Updated last year
- A mini webserver with FTP support for XXE payloadsβ326Updated 8 months ago
- A little bit less hackish way to intercept and modify non-HTTP protocols through Burp & others.β201Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requestsβ331Updated last month
- Everything you need about Burp Extension Generationβ151Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cerβ¦β279Updated 2 months ago
- A cheat sheet for attacking SQLite via SQLiβ92Updated 8 years ago
- SHELLING - a comprehensive OS command injection payload generatorβ104Updated 5 years ago
- A Chrome extension static analysis tool to help aide in security reviews.β145Updated last year
- β257Updated 5 years ago
- Piper Burp Suite Extender pluginβ113Updated 6 months ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes β¦β252Updated last year
- β84Updated 7 months ago
- β277Updated 2 years ago
- A toolbox for extracting RSA private keys from public keys.β166Updated 2 years ago