TROUBLE-1 / Type-juggling
Lab that will help you to understand how type juggling vulnerability works.
☆22Updated 4 years ago
Alternatives and similar repositories for Type-juggling:
Users that are interested in Type-juggling are comparing it to the libraries listed below
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Updated 5 years ago
- Updated 4 years ago
- ☆48Updated 4 years ago
- Offsec Pentest and Bug Bounty Notes☆24Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40Updated 3 years ago
- ☆32Updated 5 years ago
- web-based-fuzzer☆32Updated 4 years ago
- A collection of scripts for bug-bounty related stuff☆38Updated 4 years ago
- Subvenkon is a subdomain enumerator from Venkon☆23Updated 4 years ago
- ☆15Updated 4 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated 10 months ago
- This Burp extension helps you to find usages of postMessage and recvMessage☆15Updated 5 years ago
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- ☆17Updated last year
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Updated 2 months ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- My recon script☆50Updated 5 years ago
- Collection of content discovery wordlists in one wordlist.☆38Updated 3 years ago
- ☆24Updated 4 years ago
- Bug Bounty Tools☆34Updated 4 years ago
- Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip☆22Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆30Updated 5 years ago
- Slide Decks and Supporting Content of talks given for Bugcrowd☆17Updated 5 years ago
- ☆35Updated 2 months ago
- Go fish for AWS EIPs☆46Updated 4 years ago
- AWS S3 Bucket Finder.☆15Updated 5 years ago
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆27Updated 3 years ago
- Security test tool for Blind XSS☆26Updated 5 years ago
- Send notifications on different channels such as Slack, Telegram, Discord etc.☆39Updated last year