PortSwigger / url-cheatsheet-dataLinks
This is the data that powers the PortSwigger URL validation bypass cheat sheet.
☆51Updated 3 months ago
Alternatives and similar repositories for url-cheatsheet-data
Users that are interested in url-cheatsheet-data are comparing it to the libraries listed below
Sorting:
- ☆83Updated 2 months ago
- Awesome MXSS ??☆52Updated 10 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆147Updated last year
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆72Updated 2 months ago
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆101Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆306Updated last year
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 months ago
- Same Origin XSS challenge☆62Updated 3 years ago
- Burpsuite plugin for Interact.sh☆227Updated last year
- Client-Side Prototype Pollution Tools☆85Updated 3 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆176Updated last year
- ☆89Updated last year
- ☆103Updated last year
- A collection of Server-Side Prototype Pollution gadgets and exploits☆205Updated 6 months ago
- ☆169Updated 3 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆101Updated 2 months ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆111Updated last year
- jws2pubkey tool☆40Updated 2 months ago
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆92Updated 8 months ago
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Updated 7 years ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆148Updated 8 months ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆73Updated 2 years ago
- BChecks collection for Burp Suite Professional☆99Updated last year
- ☆183Updated 10 months ago
- oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning☆70Updated 8 months ago
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆77Updated this week
- A collection of utilities for building extensions using Burp's Montoya API☆52Updated last year
- ☆22Updated 5 months ago