KishanBagaria / padding-oracle-attacker

Related projects ⓘ

Alternatives and complementary repositories for padding-oracle-attacker

• soffensive / windowsblindread
  A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
  ☆199Updated last year
• silentsignal / burp-piper
  Piper Burp Suite Extender plugin
  ☆115Updated 8 months ago
• CoreyD97 / Stepper
  A natural evolution of Burp Suite's Repeater tool
  ☆194Updated 9 months ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• rsrdesarrollo / generator-burp-extension
  Everything you need about Burp Extension Generation
  ☆152Updated last year
• vp777 / procrustes
  A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering
  ☆209Updated 3 years ago
• initstring / lxd_root
  Linux privilege escalation via LXD
  ☆132Updated 4 years ago
• mpgn / ByP-SOP
  🏴‍☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴‍☠️
  ☆196Updated 5 years ago
• pwntester / DupeKeyInjector
  DupeKeyInjector
  ☆134Updated 2 years ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆253Updated 3 years ago
• lanjelot / ctfs
  notes and code on past CTFs
  ☆100Updated 3 years ago
• artssec / burp-exporter
  Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.
  ☆171Updated 3 years ago
• filedescriptor / Unicode-Mapping-on-Domain-names
  ☆128Updated 3 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆293Updated 4 years ago
• nccgroup / CollaboratorPlusPlus
  ☆144Updated 2 years ago
• liamg / pax
  CLI tool for PKCS7 padding oracle attacks
  ☆134Updated 3 years ago
• dariusztytko / token-reverser
  Words list generator to crack security tokens
  ☆110Updated 4 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆482Updated 3 years ago
• kacperszurek / exploits
  ☆259Updated 5 years ago
• sensepost / dwn
  d(ockerp)wn - a docker pwn tool manager
  ☆155Updated 3 years ago
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆585Updated 3 years ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆125Updated 6 years ago
• nightowl131 / AAPG
  [A]ndroid [A]pplication [P]entest [G]uide
  ☆122Updated 5 years ago
• ihack4falafel / Slink
  Alphanumeric Shellcode (x86) Encoder
  ☆73Updated 2 years ago
• Xib3rR4dAr / filter-var-sqli
  Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
  ☆31Updated 5 years ago
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆195Updated 3 years ago
• ZeddYu / HTTP-Smuggling-Lab
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆344Updated 2 years ago
• mpgn / poodle-PoC
  Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566
  ☆251Updated last year
• ProfessionallyEvil / harpoon
  A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
  ☆134Updated last month
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated 2 years ago