PortSwigger / same-origin-method-executionLinks
A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
☆15Updated 8 years ago
Alternatives and similar repositories for same-origin-method-execution
Users that are interested in same-origin-method-execution are comparing it to the libraries listed below
Sorting:
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 8 years ago
- ☆71Updated 7 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 7 years ago
- public exploits☆35Updated 2 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- cve-2014-0130 rails directory traversal vuln☆19Updated 8 years ago
- XXE vulnerability demo☆22Updated 11 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43Updated 5 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Updated 6 years ago
- WhiteBox CMS analysis☆69Updated 2 years ago
- Highlight Burp proxy requests made by different browsers☆29Updated 7 years ago
- DoS PoC's for SAP products☆52Updated 7 years ago
- Burp extension to help developers replicate findings from pen tests☆70Updated last year
- CSV injection Vulnerable Script.☆29Updated 8 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Updated 6 years ago
- Burp Suite extension to generate Intruder payloads using Radamsa☆90Updated 7 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 7 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Updated 12 years ago
- Duncan - Blind SQL injector skeleton☆58Updated 3 years ago
- BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration☆23Updated 7 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Updated 9 years ago
- Test CVE-2018-0296 and extract usernames☆106Updated 6 years ago
- Proof of Concept's provided by Source Incite☆37Updated 8 years ago
- ZIP File Raider - Burp Extension for ZIP File Payload Testing☆71Updated 5 years ago
- Simple socket-based gateway to the Burp Collaborator☆34Updated 8 years ago
- A collection of published exploits and proof-of-concept code.☆21Updated 7 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆14Updated 2 years ago
- Exploitation challenges for CTF☆63Updated 7 years ago