PortSwigger/server-side-prototype-pollution external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

PortSwigger/server-side-prototype-pollution

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PortSwigger/server-side-prototype-pollution)

Close

PortSwigger / server-side-prototype-pollutionView on GitHubMore

• External links
• Readme badge

☆44Mar 13, 2023Updated 3 years ago

Alternatives and similar repositories for server-side-prototype-pollution

Users that are interested in server-side-prototype-pollution are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• kensh1ro / dart-shellcode

  View on GitHub
  A PoC executing shellcode in Dart
  ☆15Jun 28, 2022Updated 3 years ago
• ninoseki / kibune

  View on GitHub
  A Sigma based detection pipeline
  ☆12Dec 15, 2023Updated 2 years ago
• trickest / packages

  View on GitHub
  Automated compromise detection of the world's most popular packages
  ☆16Sep 25, 2023Updated 2 years ago
• PortSwigger / jwt-editor

  View on GitHub
  A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decry…
  ☆46Apr 23, 2026Updated last week
• wlayzz / RopstenCtf

  View on GitHub
  RopstenCtf is an easy tool to interact with the ethereum ropsten network for ctf purpose and more.
  ☆16Jul 18, 2022Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• MythicAgents / leviathan

  View on GitHub
  ☆22Dec 30, 2025Updated 4 months ago
• Barefoot-Dev / solidity-nft-boilerplate

  View on GitHub
  A boilerplate for developing, testing and deploying smart contracts using Hardhat and Ethers.js
  ☆18Aug 31, 2022Updated 3 years ago
• Teuze / translate

  View on GitHub
  Partially offline multi-language translator built upon Huggingface transformers.
  ☆16Sep 12, 2022Updated 3 years ago
• usualsuspect / yara_vt_mock

  View on GitHub
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆24May 29, 2023Updated 2 years ago
• sensepost / sockstlsproxy

  View on GitHub
  ☆39Apr 3, 2023Updated 3 years ago
• ab2pentest / MacOSThreatTrack

  View on GitHub
  Bash tool used for proactive detection of malicious activity on macOS systems.
  ☆38Sep 29, 2025Updated 7 months ago
• hakivvi / ermir

  View on GitHub
  an Evil Java RMI Registry.
  ☆50Feb 8, 2023Updated 3 years ago
• System00-Security / backflow

  View on GitHub
  Private vulnerability testing suite
  ☆13Mar 30, 2021Updated 5 years ago
• ceramicskate0 / SharpLeftOvers

  View on GitHub
  A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup
  ☆37Sep 14, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• six2dez / postleaksNg

  View on GitHub
  Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks
  ☆31Feb 13, 2026Updated 2 months ago
• MythicC2Profiles / discord

  View on GitHub
  Discord C2 Profile for Mythic
  ☆33Feb 18, 2025Updated last year
• PortSwigger / content-type-converter

  View on GitHub
  Central Repo for Burp extensions
  ☆26Dec 13, 2024Updated last year
• fionafibration / ASTObfuscate

  View on GitHub
  A Python Obfuscator through AST modification
  ☆26Nov 15, 2019Updated 6 years ago
• DanusMinimus / snallybuckster

  View on GitHub
  Locate intersting files in grayhatwarfare.com open S3 buckets and Azure blobs automatically!
  ☆28Apr 6, 2022Updated 4 years ago
• randorisec / MobileHackingBinaryExploitationCheatSheet

  View on GitHub
  Basics on commands/tools/info on how to do binary exploitation on a mobile phone
  ☆56Apr 27, 2023Updated 3 years ago
• gdalmau / lakera-gandalf-solutions

  View on GitHub
  My inputs for the LLM Gandalf made by Lakera
  ☆49Sep 18, 2023Updated 2 years ago
• LucasParsy / haccks

  View on GitHub
  Hacker Animation Cool Console Kryptographic Sequencer (haccks)
  ☆14Oct 14, 2024Updated last year
• blacklanternsecurity / dp_cryptomg

  View on GitHub
  Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.
  ☆60Apr 1, 2026Updated 3 weeks ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• RedyOpsResearchLabs / SEP-14.2-Arbitrary-Write

  View on GitHub
  CVE-2020-5837 exploit
  ☆42May 13, 2020Updated 5 years ago
• n00py / CUCMe

  View on GitHub
  Cisco Unfied Call Manager enumeration
  ☆24Jul 13, 2022Updated 3 years ago
• PortSwigger / brida

  View on GitHub
  The new bridge between Burp Suite and Frida!
  ☆28Oct 31, 2025Updated 6 months ago
• veritas501 / CVE-2022-0185-PipeVersion

  View on GitHub
  CVE-2022-0185 exploit rewritten with pipe primitive
  ☆17Apr 5, 2022Updated 4 years ago
• zblurx / impersonate-rs

  View on GitHub
  Rusty Impersonate
  ☆105Oct 15, 2025Updated 6 months ago
• vulnerabilitylabs / aem-hacker

  View on GitHub
  ☆22Jun 16, 2019Updated 6 years ago
• CodeByHarri / Sigma2KQL

  View on GitHub
  Sigma Queries turned into KQL for Defender using pysigma
  ☆12Mar 29, 2026Updated last month
• HacKanCuBa / shellcomm-php

  View on GitHub
  Communicate with a remote shell easily
  ☆12Dec 10, 2017Updated 8 years ago
• DragoQCC / ShellcodeEncryption

  View on GitHub
  Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…
  ☆15Mar 18, 2022Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• snyk / socketsleuth

  View on GitHub
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆104Aug 27, 2025Updated 8 months ago
• PortSwigger / additional-cors-checks

  View on GitHub
  ☆11Jun 8, 2022Updated 3 years ago
• zyn3rgy / ClickonceHunter

  View on GitHub
  Golang search engine scraper intended for identification of published ClickOnce deployments
  ☆93Nov 19, 2024Updated last year
• PortSwigger / agartha

  View on GitHub
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆30Oct 21, 2025Updated 6 months ago
• ASafarzadeh / Subfind3r

  View on GitHub
  An improved version of Sublist3r, a python based Fast subdomains enumeration tool for penetration testers
  ☆10Feb 10, 2024Updated 2 years ago
• daddycocoaman / azbelt

  View on GitHub
  AAD related enumeration in Nim
  ☆131Sep 7, 2023Updated 2 years ago
• nettitude / CVE-2024-25153

  View on GitHub
  Proof-of-concept exploit for CVE-2024-25153.
  ☆42Mar 13, 2024Updated 2 years ago