PortSwigger / http-request-smuggler

Related projects: ⓘ

• wagiro / BurpBounty
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,657Updated 4 months ago
• PortSwigger / turbo-intruder
  Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
  ☆1,459Updated this week
• PortSwigger / param-miner
  ☆1,203Updated last week
• nccgroup / AutoRepeater
  Automated HTTP Request Repeating With Burp Suite
  ☆839Updated 2 years ago
• defparam / smuggler
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆1,785Updated 8 months ago
• Quitten / Autorize
  Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…
  ☆924Updated this week
• PortSwigger / xss-cheatsheet-data
  This repository contains all the XSS cheatsheet data to allow contributions from the community.
  ☆398Updated 2 months ago
• yassineaboukir / sublert
  Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…
  ☆986Updated 3 years ago
• PortSwigger / backslash-powered-scanner
  Finds unknown classes of injection vulnerabilities
  ☆626Updated 11 months ago
• chenjj / CORScanner
  🎯 Fast CORS misconfiguration vulnerabilities scanner
  ☆1,033Updated 2 years ago
• nccgroup / LoggerPlusPlus
  Advanced Burp Suite Logging Extension
  ☆619Updated 3 months ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆772Updated 2 years ago
• Ice3man543 / SubOver
  A Powerful Subdomain Takeover Tool
  ☆919Updated 11 months ago
• BuffaloWill / oxml_xxe
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,030Updated 2 months ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,335Updated last year
• 0xInfection / XSRFProbe
  The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
  ☆1,089Updated 4 months ago
• infosec-au / altdns
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,299Updated 4 months ago
• chrislockard / api_wordlist
  A wordlist of API names for web application assessments
  ☆725Updated last year
• gquere / pwn_jenkins
  Notes about attacking Jenkins servers
  ☆1,949Updated 2 months ago
• nahamsec / JSParser
  ☆784Updated 10 months ago
• fransr / postMessage-tracker
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,029Updated 7 months ago
• appsecco / the-art-of-subdomain-enumeration
  This repository contains all the supplement material for the book "The art of sub-domain enumeration"
  ☆635Updated 5 years ago
• incredibleindishell / SSRF_Vulnerable_Lab
  This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
  ☆663Updated last year
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆601Updated 6 months ago
• filedescriptor / untrusted-types
  ☆647Updated 2 years ago
• RhinoSecurityLabs / IPRotate_Burp_Extension
  Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
  ☆807Updated 4 months ago
• nccgroup / singularity
  A DNS rebinding attack framework.
  ☆1,018Updated 3 months ago
• nccgroup / BurpSuiteHTTPSmuggler
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆703Updated 5 years ago
• httpvoid / writeups
  ☆1,169Updated 2 years ago
• RenwaX23 / XSS-Payloads
  List of XSS Vectors/Payloads
  ☆1,158Updated 3 weeks ago