PwnFunction / Next.js-Flat-Prototype-Pollution
Prototype Pollution using `flat` with Next.js
☆101Updated last month
Related projects ⓘ
Alternatives and complementary repositories for Next.js-Flat-Prototype-Pollution
- Content-Security-Policy (CSP) Bypass Techniques☆47Updated 4 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- ☆128Updated 3 years ago
- Subdomain Takeover tool with web UI☆56Updated last year
- a Go code to detect leaks in JS files via regex patterns☆138Updated 3 years ago
- Obtain GraphQL API schema despite disabled introspection!☆52Updated 3 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆262Updated last week
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆175Updated 3 years ago
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆68Updated 4 years ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- Open a DNS server that knows no records but records every request. Used for DNS exfiltration.☆68Updated 2 years ago
- Just some public notes that can be useful and i want let the world knows.☆86Updated 4 years ago
- DOM XSS Game☆74Updated 2 years ago
- Burp Bounty profiles compilation, feel free to contribute!☆145Updated 3 years ago
- ☆34Updated 3 years ago
- A tool for exploring Firebase datastores.☆205Updated 2 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆51Updated 2 months ago
- ☆142Updated this week
- Mario the game but you rescue the princess by hacking.☆22Updated 2 years ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆63Updated 2 years ago
- XS-Leaks Wiki☆151Updated 3 months ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 3 years ago
- grapX will iterate through the URLs and grep the endpoints with all possible extensions.☆57Updated 3 years ago
- Unpack a JavaScript Source Map back into filesystem structure☆174Updated 4 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago
- The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform☆50Updated 4 years ago
- Discovery Header Bug Bounty to DoD☆46Updated 3 years ago
- This repo includes my analysis of some public reports.☆57Updated 4 years ago
- Prototype Pollution in JavaScript☆75Updated 2 years ago