SaneBow / redirect-fuzzer

Related projects: ⓘ

• opnsec / postMessage-logger
  Simple "postMessage logger" Chrome extension
  ☆92Updated 4 years ago
• BlackFan / WEB-INF-dict
  List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.
  ☆81Updated 6 years ago
• Lopseg / Jsdir
  Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.
  ☆112Updated 4 years ago
• err0rr / SSTI
  ☆38Updated 4 years ago
• p3n73st3r / Ghazi
  Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…
  ☆108Updated 5 years ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 4 years ago
• StefanMichielse / generate_xxe_payloads
  This tool is just after the first refactoring pushed. Original is from Will Vandevanter (BuffaloWill). Only rearrange the code which will…
  ☆32Updated 8 years ago
• kapytein / jsonp
  jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.
  ☆149Updated 3 years ago
• Symbo1 / facebook-bug-bounties
  Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)
  ☆60Updated 5 years ago
• giteshnxtlvl / YourNextBugTip
  ☆87Updated this week
• buffered4ever / Exploits
  None of the exploit code or research is my own but all available in public domain
  ☆27Updated 5 years ago
• jas502n / CVE-2019-11581
  Atlassian JIRA Template injection vulnerability RCE
  ☆93Updated 5 years ago
• PortSwigger / scan-check-builder
  Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
  ☆69Updated 2 years ago
• doyensec / StandardizedImageProcessingTest
  A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web
  ☆68Updated 4 years ago
• arbazkiraak / LinksDumper
  Extract (links/possible endpoints) from responses & filter them via decoding/sorting
  ☆84Updated 5 years ago
• x41sec / BeanStack
  X41 BeanStack - Stack Trace Fingerprinting BETA
  ☆52Updated 3 years ago
• RandomRobbieBF / grafana-ssrf
  Authenticated SSRF in Grafana
  ☆76Updated 2 months ago
• spaceraccoon / spring-boot-actuator-h2-rce
  Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database
  ☆103Updated 4 years ago
• vinothsparrow / iframe-broker
  Extension to log iframe and cross window communications.
  ☆53Updated last year
• mzer0one / CVE-2020-7961-POC
  ☆116Updated 4 years ago
• lc / 230-OOB
  An Out-of-Band XXE server for retrieving file contents over FTP.
  ☆171Updated 4 years ago
• 0ang3el / Unsafe-JAX-RS-Burp
  Burp Suite extension for JAX-RS
  ☆65Updated 7 years ago
• SbIm / ExtractSubdomainFromFDNS
  ExtractSubdomainFromFDNS, updating
  ☆33Updated 5 years ago
• pimps / gopher-tomcat-deployer
  Gopher Tomcat Deployer
  ☆47Updated 5 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆123Updated 5 years ago
• jas502n / CVE-2019-16278
  Directory transversal to remote code execution
  ☆69Updated 4 years ago
• pwntester / DupeKeyInjector
  DupeKeyInjector
  ☆134Updated 2 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago
• jimen0 / differer
  differer finds how URLs are parsed by different languages in order to help bug hunters break filters
  ☆63Updated 4 years ago
• synacktiv / burp-jq
  Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.
  ☆42Updated 3 years ago