anshumanpattnaik / http-request-smugglingLinks
HTTP Request Smuggling Detection Tool
☆514Updated last year
Alternatives and similar repositories for http-request-smuggling
Users that are interested in http-request-smuggling are comparing it to the libraries listed below
Sorting:
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆512Updated 3 years ago
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆452Updated last year
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆373Updated last week
- Gotator is a tool to generate DNS wordlists through permutations.☆481Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆71Updated last year
- Smart context-based SSRF vulnerability scanner.☆353Updated 3 years ago
- ☆294Updated 2 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆628Updated 2 years ago
- A fuzzer for detecting open redirect vulnerabilities☆769Updated last year
- ☆521Updated 2 years ago
- This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contai…☆519Updated 7 months ago
- This tool use fuuzzing to try to bypass unknown authentication methods, who knows...☆248Updated 11 months ago
- Nuclei templates written by us.☆272Updated 3 years ago
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.☆825Updated last year
- This a adaption of tomnomnom's kxss tool with a different output format☆481Updated last year
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆364Updated last year
- A tool to check a bunch of URLs that contain reflecting params.☆584Updated 11 months ago
- Useful "Match and Replace" burpsuite rules☆348Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆987Updated last month
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆218Updated 10 months ago
- A fast and minimal JS endpoint extractor☆367Updated 8 months ago
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.☆447Updated 3 years ago
- HackerOne "in scope" domains☆455Updated this week
- Automated learning of regexes for DNS discovery☆371Updated 2 years ago
- Burpsuite plugin for Interact.sh☆223Updated last year
- The Repository contains various payloads, tools, tips and tricks from various hackers around the world. Please take a quick look down her…☆197Updated last month
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆392Updated last week
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆253Updated 7 months ago
- Fetches javascript file from a list of URLS or subdomains.☆779Updated 2 years ago
- A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles☆224Updated 9 months ago