attackercan / regexp-security-cheatsheet
☆716Updated 2 years ago
Alternatives and similar repositories for regexp-security-cheatsheet:
Users that are interested in regexp-security-cheatsheet are comparing it to the libraries listed below
- Exploitation for XSS☆711Updated 3 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,067Updated 2 months ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆525Updated last year
- List of XSS Vectors/Payloads☆1,214Updated last month
- ☆1,298Updated 2 weeks ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆641Updated 6 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,215Updated last year
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆695Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,385Updated 4 months ago
- Create tar/zip archives that can exploit directory traversal vulnerabilities☆992Updated 3 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆450Updated 5 years ago
- The XSS Hunter service - a portable version of XSSHunter.com☆1,512Updated 2 years ago
- Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex☆398Updated 2 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆634Updated 6 years ago
- Vulnerability scanner based on vulners.com search API☆847Updated 10 months ago
- ☆972Updated last month
- Browser's XSS Filter Bypass Cheat Sheet☆1,119Updated 7 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆348Updated 6 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆619Updated last year
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆545Updated 2 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆716Updated 5 years ago
- Automatically exported from code.google.com/p/domxsswiki☆521Updated 6 years ago
- Automated script for performing Padding Oracle attacks☆765Updated 7 months ago
- Multi Tool Subdomain Enumeration☆725Updated 3 years ago
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,379Updated last month
- A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.☆693Updated 9 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,708Updated 9 months ago
- Subdomain Takeover tool written in Go☆1,940Updated last year
- Simple DNS Rebinding Service☆642Updated 5 years ago
- A wordlist of API names for web application assessments☆787Updated 2 years ago