KishanBagaria / padding-oracle-attackerLinks
🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.
☆206Updated 2 years ago
Alternatives and similar repositories for padding-oracle-attacker
Users that are interested in padding-oracle-attacker are comparing it to the libraries listed below
Sorting:
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆201Updated 6 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Updated 4 years ago
- A natural evolution of Burp Suite's Repeater tool☆199Updated last year
- notes and code on past CTFs☆103Updated 3 years ago
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.☆177Updated 3 years ago
- A Python implementation that facilitates finding timeless timing attack vulnerabilities.☆126Updated last month
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- A denial-of-service proof-of-concept for CVE-2020-1350☆237Updated 4 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆433Updated 2 years ago
- A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system☆203Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆599Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆259Updated 3 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- ☆264Updated 6 years ago
- Pentest/BugBounty progress control with scanning modules☆281Updated 4 years ago
- Security Testing Scripts for JWT☆314Updated 2 years ago
- Script to recover mt_rand()'s seed with only two outputs and without any bruteforce.☆153Updated 5 years ago
- Multi-threaded Padding Oracle attacks against any service. Written in Rust.☆98Updated 2 years ago
- CLI tool for PKCS7 padding oracle attacks☆137Updated 4 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆363Updated 9 months ago
- ☆128Updated 4 years ago
- Words list generator to crack security tokens☆110Updated 5 years ago
- DNS Rebinding Exploitation Framework☆488Updated 4 years ago
- Various Payload wordlists☆236Updated last month
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆315Updated 2 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆281Updated 7 years ago
- Everything you need about Burp Extension Generation☆154Updated 2 years ago
- [A]ndroid [A]pplication [P]entest [G]uide☆124Updated 5 years ago
- SHELLING - a comprehensive OS command injection payload generator☆110Updated 5 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago