PortSwigger / server-side-prototype-pollution
☆30Updated last year
Related projects ⓘ
Alternatives and complementary repositories for server-side-prototype-pollution
- ☆24Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆63Updated last year
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆36Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆48Updated 8 months ago
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646☆28Updated last year
- ☆32Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆85Updated 9 months ago
- Burp Suite's extension to scan and crawl Single Page Applications☆99Updated last year
- Make better use of the embedded browser that comes by default with Burp☆38Updated 10 months ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆27Updated last year
- Web cache poisoning vulnerability scanner.☆61Updated 2 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆86Updated 7 months ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆94Updated last year
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆55Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆33Updated 2 weeks ago
- Determine the running software version of a remote F5 BIG-IP management interface.☆63Updated 10 months ago
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆37Updated 2 years ago
- ☆36Updated last year
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆52Updated 5 months ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆39Updated 5 months ago
- ☆39Updated 11 months ago
- ☆56Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆68Updated 10 months ago
- Utility for creating ZipSlip archives☆67Updated last year
- ☆65Updated last month
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆65Updated 8 months ago
- This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.☆62Updated 9 months ago
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆54Updated 10 months ago
- Proof of Concept Exploit for CVE-2024-9464☆42Updated last month
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆52Updated 3 weeks ago