Alternatives and similar repositories for CacheAttack

Users that are interested in CacheAttack are comparing it to the libraries listed below

• shoebpate1 / Web-CTF-Challenges
  Collection of quirky behaviours of code and the CTF challenges that I made around them.
  ☆27Updated 5 years ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆86Updated 4 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Updated 3 years ago
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆32Updated 3 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• neex / ghostinthepdf
  ☆170Updated 4 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆132Updated 4 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆51Updated 3 years ago
• vavkamil / wp-update-confusion
  WordPress Plugin Update Confusion
  ☆66Updated 4 years ago
• SoheilKhodayari / DOMClobbering
  DOM Clobbering Wiki, Browser Testing, and Payload Generation
  ☆60Updated last month
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆164Updated 4 years ago
• farisv / PIL-RCE-Ghostscript-CVE-2018-16509
  PoC + Docker Environment for Python PIL/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509
  ☆58Updated 5 years ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆76Updated 2 years ago
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• yuriisanin / svg2raster-cheatsheet
  A cheatsheet for exploiting server-side SVG rasterization.
  ☆30Updated 3 years ago
• terjanq / same-origin-xss
  Same Origin XSS challenge
  ☆64Updated 3 years ago
• Zeetaz / FancyTracker-FF
  A modern postMessage tracker including additional features, inspired by Frans Rosens postmessage tracker. A port of chrome Manifest V3 "F…
  ☆50Updated 4 months ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆151Updated 7 years ago
• defparam / haptyc
  ☆95Updated 4 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 5 years ago
• michael1026 / trashcompactor
  ☆66Updated 3 years ago
• assetnote / jira-mobile-ssrf-exploit
  Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)
  ☆88Updated 3 years ago
• KathanP19 / protoscan
  Prototype Pollution Scanner
  ☆135Updated 4 years ago
• pentesterland / Log4Shell
  ☆73Updated 4 years ago
• hussein98d / LFI-files
  Wordlist to bruteforce for LFI
  ☆128Updated 6 years ago
• riramar / DesyncCL0
  A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.
  ☆36Updated 3 years ago
• jzheaux / spel-injection
  An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition
  ☆28Updated 7 years ago
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆65Updated 2 years ago
• w9w / bugbounty_changelogs
  ☆56Updated last year