ZeddYu/HTTP-Smuggling-Lab external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ZeddYu/HTTP-Smuggling-Lab

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ZeddYu/HTTP-Smuggling-Lab)

Close

ZeddYu / HTTP-Smuggling-LabView on GitHubMore

• External links
• Readme badge

Use HTTP Smuggling Lab to learn HTTP Smuggling.

☆347Nov 20, 2022Updated 3 years ago

Alternatives and similar repositories for HTTP-Smuggling-Lab

Users that are interested in HTTP-Smuggling-Lab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• veracode-research / solr-injection

  View on GitHub
  Apache Solr Injection Research
  ☆581Jan 28, 2020Updated 6 years ago
• andresriancho / jwt-fuzzer

  View on GitHub
  JWT fuzzer
  ☆107Jul 24, 2018Updated 7 years ago
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆615Mar 4, 2021Updated 5 years ago
• jmdx / TLS-poison

  View on GitHub
  ☆705Nov 27, 2024Updated last year
• PortSwigger / http-request-smuggler

  View on GitHub
  ☆1,206Apr 28, 2026Updated 3 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• 0ang3el / websocket-smuggle

  View on GitHub
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆394Aug 15, 2024Updated last year
• phith0n / realworldctf

  View on GitHub
  My Real World CTF challenges
  ☆115Sep 19, 2019Updated 6 years ago
• mpgn / CVE-2019-0192

  View on GitHub
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆210Mar 10, 2019Updated 7 years ago
• orangetw / awesome-jenkins-rce-2019

  View on GitHub
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆608May 17, 2019Updated 7 years ago
• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• opensec-cn / chip

  View on GitHub
  a simple tool to detect potential security threat in php code
  ☆316Sep 9, 2024Updated last year
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• iceyhexman / flask_memory_shell

  View on GitHub
  Flask 内存马
  ☆313Mar 26, 2021Updated 5 years ago
• arbazkiraak / LinksDumper

  View on GitHub
  Extract (links/possible endpoints) from responses & filter them via decoding/sorting
  ☆93Aug 27, 2019Updated 6 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• BishopFox / h2csmuggler

  View on GitHub
  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
  ☆792May 10, 2022Updated 4 years ago
• jas502n / kibana-RCE

  View on GitHub
  kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609
  ☆89Oct 22, 2019Updated 6 years ago
• irsdl / httpninja

  View on GitHub
  HTTP.ninja
  ☆148Sep 3, 2023Updated 2 years ago
• modzero / mod0BurpUploadScanner

  View on GitHub
  HTTP file upload scanner for Burp Proxy
  ☆490Dec 25, 2023Updated 2 years ago
• neex / http2smugl

  View on GitHub
  ☆563Mar 27, 2025Updated last year
• tarunkant / Gopherus

  View on GitHub
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆3,359Apr 18, 2023Updated 3 years ago
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆519Jul 29, 2020Updated 5 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,802Apr 26, 2024Updated 2 years ago
• Mel0day / RedTeam-BCS

  View on GitHub
  BCS（北京网络安全大会）2019 红队行动会议重点内容
  ☆821Sep 4, 2019Updated 6 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• lufeirider / CVE-2019-2725

  View on GitHub
  CVE-2019-2725 命令回显
  ☆435May 8, 2023Updated 3 years ago
• GoSecure / dtd-finder

  View on GitHub
  List DTDs and generate XXE payloads using those local DTDs.
  ☆659Feb 21, 2024Updated 2 years ago
• l3m0n / Bypass_Disable_functions_Shell

  View on GitHub
  一个各种方式突破Disable_functions达到命令执行的shell
  ☆1,194Oct 17, 2023Updated 2 years ago
• threedr3am / gadgetinspector

  View on GitHub
  一个利用ASM对字节码进行污点传播分析的静态代码审计应用（添加了大量代码注释，适合大家进行源码学习）。也加入了挖掘Fastjson反序列化gadget chains和SQLInject（JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等）静…
  ☆457Mar 24, 2022Updated 4 years ago
• wuppp / shiro_rce_exp

  View on GitHub
  Shiro RCE (Padding Oracle Attack)
  ☆148Nov 15, 2019Updated 6 years ago
• nccgroup / CollaboratorPlusPlus

  View on GitHub
  ☆148Feb 17, 2022Updated 4 years ago
• Regala / burp-scope-monitor

  View on GitHub
  Burp Suite Extension to monitor new scope
  ☆200Mar 31, 2021Updated 5 years ago
• msrkp / PPScan

  View on GitHub
  Client Side Prototype Pollution Scanner
  ☆525Sep 17, 2022Updated 3 years ago
• filedescriptor / untrusted-types

  View on GitHub
  ☆698Jul 4, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Nu1LCTF / n1ctf-2019

  View on GitHub
  ☆119Mar 21, 2020Updated 6 years ago
• projectzeroindia / CVE-2019-11510

  View on GitHub
  Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
  ☆362Jan 11, 2020Updated 6 years ago
• l1nk3rlin / CVE-2019-2890

  View on GitHub
  ☆85Dec 6, 2019Updated 6 years ago
• ameenmaali / qsfuzz

  View on GitHub
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆302Feb 12, 2023Updated 3 years ago
• whitel1st / docem

  View on GitHub
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆684Jan 28, 2024Updated 2 years ago
• GrrrDog / Java-Deserialization-Cheat-Sheet

  View on GitHub
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,178May 26, 2023Updated 2 years ago
• momika233 / Joomla-3.4.6-RCE

  View on GitHub
  Joomla 3.4.6 – Remote Code Execution
  ☆108Jan 31, 2024Updated 2 years ago