bahruzjabiyev / t-reqs

Related projects ⓘ

Alternatives and complementary repositories for t-reqs

• elttam / semgrep-rules
  ☆175Updated 2 weeks ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆56Updated 10 months ago
• epi052 / feroxfuzz
  A structure-aware HTTP fuzzing library
  ☆206Updated last year
• bahruzjabiyev / frameshifter
  Grammar-based HTTP/2 fuzzer with mutation ability
  ☆42Updated 2 years ago
• ZeddYu / HTTP-Smuggling-Lab
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆344Updated 2 years ago
• cezary-sec / awesome-browser-security
  A curated list of awesome browser security learning material.
  ☆130Updated 2 years ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆404Updated 4 months ago
• veracode-research / spring-view-manipulation
  When MVC magic turns black
  ☆286Updated 4 years ago
• whitesquirrell / C0deVari4nt
  A variant analysis and visualisation tool that scans codebases for similar vulnerabilities
  ☆69Updated 2 years ago
• SecuraBV / jws2pubkey
  jws2pubkey tool
  ☆37Updated 5 months ago
• StarCrossPortal / bug-hunting-101
  ☆319Updated 2 years ago
• u21h2 / AutoSpear
  AutoSpear
  ☆54Updated 10 months ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 3 weeks ago
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆133Updated 2 months ago
• AvalZ / WAF-A-MoLE
  A guided mutation-based fuzzer for ML-based Web Application Firewalls
  ☆171Updated 8 months ago
• cvebase / cvebase.com
  cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vul…
  ☆139Updated 3 years ago
• WSP-LAB / FUGIO
  FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities
  ☆90Updated 11 months ago
• xscorp / jsmug
  A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
  ☆112Updated 7 months ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆81Updated last year
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆40Updated last year
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆252Updated 4 months ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆137Updated last year
• synacktiv / QLinspector
  Finding Java gadget chains with CodeQL
  ☆159Updated 3 months ago
• duc-nt / RCE-0-day-for-GhostScript-9.50
  RCE 0-day for GhostScript 9.50 - Payload generator
  ☆540Updated 3 years ago
• GoSecure / template-injection-workshop
  Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
  ☆121Updated last year
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆59Updated 2 weeks ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 4 years ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• GitHubSecurityLab / CodeQL-Community-Packs
  Collection of community-driven CodeQL query, library and extension packs
  ☆74Updated last week
• terjanq / same-origin-xss
  Same Origin XSS challenge
  ☆56Updated 2 years ago