PortSwigger / server-side-prototype-pollutionLinks
☆43Updated 2 years ago
Alternatives and similar repositories for server-side-prototype-pollution
Users that are interested in server-side-prototype-pollution are comparing it to the libraries listed below
Sorting:
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆61Updated 2 years ago
- Make better use of the embedded browser that comes by default with Burp☆44Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆83Updated 2 years ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆103Updated 5 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆91Updated last year
- ☆42Updated 2 months ago
- CVE-2023-33733 reportlab RCE☆119Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆72Updated 3 years ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆92Updated 2 years ago
- Tool to enable blind sql injection attacks against websockets using sqlmap☆66Updated 9 months ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆78Updated last year
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆73Updated 3 years ago
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆32Updated 3 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆64Updated 8 months ago
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆56Updated 2 years ago
- Utility for creating ZipSlip archives☆80Updated 2 years ago
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆96Updated 2 years ago
- Determine the running software version of a remote F5 BIG-IP management interface.☆69Updated 2 years ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆71Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Updated 2 years ago
- ☆27Updated 4 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆68Updated last year
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.�☆31Updated 2 years ago
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆30Updated 4 years ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆29Updated last year
- ☆28Updated 3 years ago
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆140Updated last year
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆34Updated last year
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Updated last year