ambionics / scalpelView external linksLinks
Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
☆68May 31, 2024Updated last year
Alternatives and similar repositories for scalpel
Users that are interested in scalpel are comparing it to the libraries listed below
Sorting:
- Piper Burp Suite Extender plugin☆16Jan 15, 2026Updated 3 weeks ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆148Dec 9, 2024Updated last year
- ☆64Oct 17, 2025Updated 3 months ago
- Terraform provider for command execution☆12Mar 16, 2020Updated 5 years ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 2 months ago
- some fun php exploits☆81Nov 12, 2024Updated last year
- ☆91Apr 29, 2024Updated last year
- Toolkit for creating cryptographic figures and videos.☆36May 17, 2024Updated last year
- php decrypt environment for study☆17Jan 10, 2024Updated 2 years ago
- GNU IFUNC is the real culprit behind CVE-2024-3094☆19Sep 4, 2024Updated last year
- ☆17Jul 12, 2024Updated last year
- HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy + Exploit Timing Attacks☆212Jan 30, 2026Updated 2 weeks ago
- ☆35Jun 21, 2024Updated last year
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Aug 5, 2024Updated last year
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆35Sep 23, 2022Updated 3 years ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆769Dec 9, 2025Updated 2 months ago
- A Burp Extension that makes it easier to view all script code on a Response.☆17Nov 12, 2023Updated 2 years ago
- slides for talk given during uscg 2023 combine☆38Sep 6, 2023Updated 2 years ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆290Apr 9, 2024Updated last year
- Very Simple Fuzzer☆21Jun 12, 2020Updated 5 years ago
- Topic: The Swiss Army Knife of Java Exploitation☆21Feb 25, 2025Updated 11 months ago
- A tool to inspect and attack version 1 GUIDs☆239Oct 13, 2022Updated 3 years ago
- Creates Kubernetes Golden Tickets through ServiceAccount token forging and user certificate forging.☆51Mar 3, 2025Updated 11 months ago
- CLI tool for tracking dependents repositories and sorting result by Stars ⭐☆43Jan 25, 2024Updated 2 years ago
- Burp Plugin to Bypass WAFs through the insertion of Junk Data☆1,417Jul 14, 2025Updated 7 months ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆157Updated this week
- A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec☆27Oct 2, 2024Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆103Aug 27, 2025Updated 5 months ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆355Dec 14, 2023Updated 2 years ago
- ☆138Nov 9, 2024Updated last year
- ☆95Sep 18, 2021Updated 4 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆110Jun 23, 2025Updated 7 months ago
- JMX enumeration and attacking tool.☆494Jun 26, 2025Updated 7 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆158Jul 2, 2024Updated last year
- Python code to Serialize and Unserialize java binary serialization format.☆30Jan 9, 2026Updated last month
- fastjson auto type derivation search☆21Aug 19, 2021Updated 4 years ago
- Differential testing framework for HTTP implementations☆919Jan 21, 2026Updated 3 weeks ago
- 批量扫描并恢复sourcemap的源代码文件☆54Nov 2, 2023Updated 2 years ago
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆502Sep 30, 2024Updated last year