PortSwigger / web-cache-deception-scanner
A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
☆14Updated 6 years ago
Related projects: ⓘ
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆27Updated 2 years ago
- Collection of content discovery wordlists in one wordlist.☆37Updated 2 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆43Updated 2 years ago
- A simple tool which makes creating nuclei templates even easier.☆35Updated 2 months ago
- HTTP requests of FrontPage expolit☆23Updated 10 years ago
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.☆37Updated 2 years ago
- Tool for making it easy to collect dns results from the CLI☆39Updated last month
- Query various sources for CVE proof-of-concepts☆50Updated last year
- A command-line tool for Cross-Site WebSocket Hijacking☆39Updated 11 months ago
- ☆47Updated last week
- A collection of Burp Suite Lambda Filters ~ Bambdas☆20Updated 9 months ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Updated 3 years ago
- ☆69Updated 2 years ago
- Copy as XMLHttpRequest BurpSuite extension☆31Updated 3 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated 3 months ago
- Burp extension to generate multi-step CSRF POC.☆29Updated 4 years ago
- A Web-UI for subdomain enumeration (subfinder)☆53Updated 4 years ago
- 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline☆56Updated last year
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆56Updated 4 years ago
- ☆28Updated 4 months ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 4 years ago
- Return domains in CSP headers in http response☆15Updated 3 years ago
- ☆11Updated this week
- Extract endpoints marked as disallow in robots files to generate wordlists.☆53Updated 2 years ago
- Jenkins pre-auth RCE exploit. More info at https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 https://blog.orange.tw/2019/02/…☆10Updated 5 years ago
- Burp extension for quickly copying request/response data.☆26Updated this week
- Validate proxies for specific domain☆34Updated 3 years ago
- Push notifications to Slack channel or to custom server based on BurpSuite response conditions.☆18Updated 3 years ago
- ☆55Updated this week
- ☆21Updated 6 years ago