PortSwigger / server-side-prototype-pollution

Related projects ⓘ

Alternatives and complementary repositories for server-side-prototype-pollution

• synacktiv / laravel_cookie_killer
  ☆24Updated 2 years ago
• devanshbatham / heaptruffle
  Mine URLs from Browser's Heap Snapshot for fun and profit
  ☆63Updated last year
• 0x4xel / Bat-Potato
  Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.
  ☆36Updated last year
• honoki / burp-digitalocean-openvpn-socks
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆48Updated 8 months ago
• robotmikhro / CVE-2023-38646
  Automatic Tools For Metabase Exploit Known As CVE-2023-38646
  ☆28Updated last year
• PenTestical / CVE-2020-9484
  ☆32Updated 2 years ago
• Moopinger / CLZero
  A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
  ☆85Updated 9 months ago
• fcavallarin / burp-dom-scanner
  Burp Suite's extension to scan and crawl Single Page Applications
  ☆99Updated last year
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆38Updated 10 months ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆61Updated 2 years ago
• codewhitesec / HttpRemotingObjRefLeak
  Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
  ☆86Updated 7 months ago
• The-Login / DNS-Analyzer
  A Burp Suite extension for finding DNS vulnerabilities in web applications!
  ☆94Updated last year
• cyberaz0r / Burp-IISTildeEnumerationScanner
  Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
  ☆55Updated last year
• nullenc0de / FFUF-Workflow-Tool
  This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…
  ☆33Updated 2 weeks ago
• BishopFox / bigip-scanner
  Determine the running software version of a remote F5 BIG-IP management interface.
  ☆63Updated 10 months ago
• ClickCyber / cve-2022-42889
  cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…
  ☆37Updated 2 years ago
• Sudistark / xss-writeups
  ☆36Updated last year
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆52Updated 5 months ago
• h1pmnh / sqli-dojo-docker
  A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment
  ☆39Updated 5 months ago
• PortSwigger / serialization-examples
  ☆39Updated 11 months ago
• Rhynorater / rebindMultiA
  ☆56Updated last year
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆68Updated 10 months ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆67Updated last year
• PortSwigger / splitting-the-email-atom
  ☆65Updated last month
• Hackmanit / template-injection-table
  The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.
  ☆65Updated 8 months ago
• irsdl / BurpSuiteSharpenerEx
  This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.
  ☆62Updated 9 months ago
• kljunowsky / CVE-2022-42889-text4shell
  Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.
  ☆54Updated 10 months ago
• horizon3ai / CVE-2024-9464
  Proof of Concept Exploit for CVE-2024-9464
  ☆42Updated last month
• cosad3s / hfinder
  Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE
  ☆52Updated 3 weeks ago