PwnFunction / Next.js-Flat-Prototype-Pollution
Prototype Pollution using `flat` with Next.js
☆101Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for Next.js-Flat-Prototype-Pollution
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- XS-Leaks Wiki☆150Updated 2 months ago
- Prototype Pollution in JavaScript☆75Updated 2 years ago
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆280Updated last year
- ☆127Updated 3 years ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆43Updated this week
- Here i will post my writeups :)☆31Updated last year
- Content-Security-Policy (CSP) Bypass Techniques☆45Updated 4 years ago
- List of Trusted Types bypasses☆85Updated 6 months ago
- No longer maintained. Timing attacks on a browsers cache to try to predict websites/subreddits that have been viewed☆10Updated 2 years ago
- Just some public notes that can be useful and i want let the world knows.☆86Updated 4 years ago
- Challenges I wrote for various CTF competitions☆39Updated 3 months ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆175Updated 3 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆250Updated last week
- Small example repo for looking into log4j CVE-2021-44228☆67Updated 2 years ago
- A tool for exploring Firebase datastores.☆204Updated 2 years ago
- Example of a vulnerable NodeJS+Express+MySQL service☆18Updated last year
- a Go code to detect leaks in JS files via regex patterns☆138Updated 3 years ago
- Go scripts for finding sensitive data like API key / some keywords in the github repository☆160Updated 2 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆51Updated 2 months ago
- GitHub Recon — and what you can achieve with it!☆110Updated 3 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆26Updated 3 years ago
- Rust-based high performance domain permutation generator.☆274Updated 11 months ago
- 🌯 Give me a web shell, I'll give you a terminal.☆182Updated 2 years ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆63Updated 2 years ago
- ☆87Updated 11 months ago
- XS-Leak Browser Test Suite☆73Updated 10 months ago
- ☆65Updated last year
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago