PortSwigger / http-request-smuggler
☆950Updated 9 months ago
Related projects: ⓘ
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,657Updated 4 months ago
- Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.☆1,459Updated this week
- ☆1,203Updated last week
- Automated HTTP Request Repeating With Burp Suite☆839Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,785Updated 8 months ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆924Updated this week
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆398Updated 2 months ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆986Updated 3 years ago
- Finds unknown classes of injection vulnerabilities☆626Updated 11 months ago
- 🎯 Fast CORS misconfiguration vulnerabilities scanner☆1,033Updated 2 years ago
- Advanced Burp Suite Logging Extension☆619Updated 3 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆772Updated 2 years ago
- A Powerful Subdomain Takeover Tool☆919Updated 11 months ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,030Updated 2 months ago
- SSRF (Server Side Request Forgery) testing resources☆2,335Updated last year
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,089Updated 4 months ago
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,299Updated 4 months ago
- A wordlist of API names for web application assessments☆725Updated last year
- Notes about attacking Jenkins servers☆1,949Updated 2 months ago
- ☆784Updated 10 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,029Updated 7 months ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆635Updated 5 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆663Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆601Updated 6 months ago
- ☆647Updated 2 years ago
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆807Updated 4 months ago
- A DNS rebinding attack framework.☆1,018Updated 3 months ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆703Updated 5 years ago
- ☆1,169Updated 2 years ago
- List of XSS Vectors/Payloads☆1,158Updated 3 weeks ago