PortSwigger / same-origin-method-execution

Related projects: ⓘ

• rgerganov / xxe-example
  XXE vulnerability demo
  ☆22Updated 10 years ago
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 8 years ago
• h3xstream / burp-image-metadata
  Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).
  ☆13Updated last year
• Gifts / XXE-OOB-Exploitation-Toolset-for-Automation
  XXE OOB Exploitation Toolset for Automation
  ☆63Updated 10 years ago
• DirectDefense-zz / SuperSerial-Active
  ☆42Updated this week
• aur3lius-dev / SpyDir
  BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
  ☆22Updated 6 years ago
• tijme / similar-request-excluder
  A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
  ☆43Updated 4 years ago
• OpenSecurityResearch / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆16Updated 11 years ago
• arvinddoraiswamy / ThickClientScripts
  My IDA scripts, tips and testing techniques for Thick Client applications.
  ☆17Updated 10 years ago
• DigitalInterruption / FridaWorkshop
  Break Apps with Frida workshop material
  ☆43Updated 6 years ago
• floyd-fuh / burp-HttpFuzzer
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Updated 7 years ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆48Updated 8 years ago
• hdm / 2017-BSidesLV-Modern-Recon
  Materials related to the 2017 BSides Las Vegas presentation
  ☆51Updated 3 years ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 6 years ago
• ecbftw / poc
  A collection of published exploits and proof-of-concept code.
  ☆19Updated 6 years ago
• abatchy17 / ExploitDevSnippets
  Snippets I used on exploit development, mostly broken.
  ☆12Updated 7 years ago
• AppSecConsulting / Pentest-Tools
  Penetration Testing Tools Developed by AppSec Consulting.
  ☆48Updated 5 years ago
• wick2o / osf_db
  Offline Security Focus Database
  ☆31Updated 11 years ago
• yolosec / deserialize-server
  Demo server for testing Java deserialization payloads
  ☆15Updated 8 years ago
• mandiant / chopshop
  ☆34Updated this week
• Raz0r / burp-radamsa
  Radamsa fuzzer extension for Burp Suite
  ☆22Updated 11 years ago
• muttiopenbts / kisskissie
  XXE attack tool
  ☆31Updated 8 years ago
• LetUsFsck / PoC-Exploit-Mirror
  Archive Mirror for recently republished PoC/Exploit code
  ☆20Updated 6 years ago
• anandtiwarics / python-burp-rest-api
  Python Package for burprestapi
  ☆16Updated 4 years ago
• nccgroup / JDSer-ngng
  A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.
  ☆25Updated 9 years ago
• omarkurt / cve-2014-0130
  cve-2014-0130 rails directory traversal vuln
  ☆18Updated 7 years ago
• vulnex / Tintorera
  Source Code Intelligence
  ☆30Updated 7 years ago
• cyberpunkych / attacking_mongodb
  Files from Zeronights presentation.
  ☆28Updated 11 years ago
• matthewdfuller / intellifuzz-xss
  An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
  ☆41Updated 11 years ago
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆33Updated 7 years ago