PortSwigger / server-side-prototype-pollution

Related projects ⓘ

Alternatives and complementary repositories for server-side-prototype-pollution

• synacktiv / laravel_cookie_killer
  ☆24Updated 2 years ago
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆61Updated 2 years ago
• 0x4xel / Bat-Potato
  Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.
  ☆36Updated last year
• PenTestical / CVE-2020-9484
  ☆32Updated 2 years ago
• devanshbatham / heaptruffle
  Mine URLs from Browser's Heap Snapshot for fun and profit
  ☆63Updated last year
• honoki / burp-digitalocean-openvpn-socks
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆46Updated 8 months ago
• robotmikhro / CVE-2023-38646
  Automatic Tools For Metabase Exploit Known As CVE-2023-38646
  ☆28Updated last year
• byt3hx / research
  The purpose of this repo is to share my research
  ☆14Updated 11 months ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆39Updated 10 months ago
• ClickCyber / cve-2022-42889
  cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…
  ☆37Updated 2 years ago
• PortSwigger / serialization-examples
  ☆39Updated 11 months ago
• cyberaz0r / Burp-IISTildeEnumerationScanner
  Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
  ☆55Updated last year
• Sudistark / xss-writeups
  ☆36Updated last year
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆68Updated 10 months ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆60Updated 2 years ago
• kljunowsky / CVE-2022-42889-text4shell
  Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.
  ☆53Updated 10 months ago
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆50Updated 2 years ago
• HarshVaragiya / sslsearch
  Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
  ☆33Updated 10 months ago
• jheeree / CVE-2022-1388-checker
  Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)
  ☆23Updated 2 years ago
• dwisiswant0 / cve-2023-50164-poc
  Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")
  ☆58Updated 10 months ago
• PortSwigger / sensitive-discoverer
  Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
  ☆17Updated last week
• nullenc0de / FFUF-Workflow-Tool
  This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…
  ☆34Updated this week
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆66Updated last year
• Acceis / unisec
  Unicode Security Toolkit
  ☆26Updated last month
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• yeswehack / BCheck-Burp-scripts
  Bcheck scripts for Burp
  ☆23Updated 3 months ago
• DingyShark / nuclei-scan-sort
  Simple Python script to sort nuclei scans by severity and URL
  ☆29Updated last year
• codewhitesec / HttpRemotingObjRefLeak
  Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
  ☆85Updated 7 months ago
• k4sth4 / Juicy-Potato
  Windows Privilege Escalation
  ☆42Updated 2 years ago