SonarSource / argument-injection-vectorsLinks
A curated list of argument injection vectors
☆41Updated 8 months ago
Alternatives and similar repositories for argument-injection-vectors
Users that are interested in argument-injection-vectors are comparing it to the libraries listed below
Sorting:
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆42Updated 9 months ago
- ☆116Updated 2 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆33Updated 7 months ago
- A PoC exploit for CVE-2022-41622 - a CSRF in F5 BIG-IP control plane that leads to remote root☆21Updated 2 years ago
- An Evil OIDC Server☆54Updated 2 years ago
- ☆33Updated 2 years ago
- ☆86Updated 2 months ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆26Updated 11 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Updated last year
- A collection of my Semgrep rules☆50Updated 2 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- ☆21Updated 3 weeks ago
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated last year
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Updated 7 months ago
- Collection of Semgrep rules for security analysis☆10Updated last year
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Manager of third-party sources of Semgrep rules 🗂☆88Updated last year
- Command line fuzzer and bruteforcer 🌪 wfuzz for command☆90Updated 3 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- ☆169Updated 4 years ago
- using ML models for red teaming☆44Updated 2 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆52Updated last year
- php7.4.26-internalog☆13Updated 2 years ago
- ☆31Updated 2 years ago
- Python's handling of NaN is....interesting?broken?...this project illustrates the issue☆13Updated 3 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Updated 8 months ago
- an Evil Java RMI Registry.☆51Updated 2 years ago
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Updated 2 years ago
- Java archive implant toolkit.☆61Updated 5 months ago
- An extension to use Semgrep inside Burp Suite.☆89Updated 4 months ago