PortSwigger / server-side-prototype-pollution
☆29Updated last year
Related projects ⓘ
Alternatives and complementary repositories for server-side-prototype-pollution
- ☆24Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆61Updated 2 years ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆36Updated last year
- ☆32Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆63Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆46Updated 8 months ago
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646☆28Updated last year
- The purpose of this repo is to share my research☆14Updated 11 months ago
- Make better use of the embedded browser that comes by default with Burp☆39Updated 10 months ago
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆37Updated 2 years ago
- ☆39Updated 11 months ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆55Updated last year
- ☆36Updated last year
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆68Updated 10 months ago
- Improve automated and semi-automated active scanning in Burp Pro☆60Updated 2 years ago
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆53Updated 10 months ago
- NotSoCereal: A Deserialization exploit playground☆50Updated 2 years ago
- Hunt SSL Certificates for interesting keywords on major cloud service providers / internet☆33Updated 10 months ago
- Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)☆23Updated 2 years ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆58Updated 10 months ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆17Updated last week
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated this week
- Utility for creating ZipSlip archives☆66Updated last year
- Unicode Security Toolkit☆26Updated last month
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆27Updated last year
- Bcheck scripts for Burp☆23Updated 3 months ago
- Simple Python script to sort nuclei scans by severity and URL☆29Updated last year
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆85Updated 7 months ago
- Windows Privilege Escalation☆42Updated 2 years ago