PortSwigger / same-origin-method-execution
A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
☆15Updated 7 years ago
Related projects: ⓘ
- XXE vulnerability demo☆22Updated 10 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 8 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆13Updated last year
- XXE OOB Exploitation Toolset for Automation☆63Updated 10 years ago
- ☆42Updated this week
- BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration☆22Updated 6 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43Updated 4 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Updated 11 years ago
- My IDA scripts, tips and testing techniques for Thick Client applications.☆17Updated 10 years ago
- Break Apps with Frida workshop material☆43Updated 6 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 7 years ago
- Study about HQL injection exploitation.☆48Updated 8 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆51Updated 3 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- A collection of published exploits and proof-of-concept code.☆19Updated 6 years ago
- Snippets I used on exploit development, mostly broken.☆12Updated 7 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 5 years ago
- Offline Security Focus Database☆31Updated 11 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- ☆34Updated this week
- Radamsa fuzzer extension for Burp Suite☆22Updated 11 years ago
- XXE attack tool☆31Updated 8 years ago
- Archive Mirror for recently republished PoC/Exploit code☆20Updated 6 years ago
- Python Package for burprestapi☆16Updated 4 years ago
- A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.☆25Updated 9 years ago
- cve-2014-0130 rails directory traversal vuln☆18Updated 7 years ago
- Source Code Intelligence☆30Updated 7 years ago
- Files from Zeronights presentation.☆28Updated 11 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆41Updated 11 years ago
- Simple socket-based gateway to the Burp Collaborator☆33Updated 7 years ago