barrracud4 / image-upload-exploits

Related projects ⓘ

Alternatives and complementary repositories for image-upload-exploits

• putsi / privatecollaborator
  A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
  ☆204Updated 4 months ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆294Updated last year
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆231Updated 2 years ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆511Updated 2 years ago
• GainSec / GoldenNuggets-1
  Burp Extension for easily creating Wordlists
  ☆210Updated 3 years ago
• honoki / bbrf-client
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆614Updated 6 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆358Updated last year
• benso-io / posta
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆279Updated last year
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆802Updated 2 years ago
• sw33tLie / sns
  IIS shortname scanner written in Go
  ☆311Updated last year
• w9w / JSA
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆399Updated last month
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆355Updated 3 years ago
• trufflesecurity / xsshunter
  ☆353Updated 6 months ago
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆173Updated 2 years ago
• swoops / eval_villain
  A Firefox Web Extension to improve the discovery of DOM XSS.
  ☆250Updated this week
• BitTheByte / Monitorizer
  Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools
  ☆265Updated 3 months ago
• BlackFan / content-type-research
  Content-Type Research
  ☆539Updated 9 months ago
• dwisiswant0 / gf-secrets
  Secret and/or credential patterns used for gf.
  ☆232Updated last year
• ihebski / XSS-Payloads
  Collection of XSS Payloads for fun and profit
  ☆168Updated 4 years ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆608Updated 8 months ago
• root4loot / rescope
  Bugbounty scope tool
  ☆317Updated last month
• optiv / mobile-nuclei-templates
  ☆391Updated 3 years ago
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆453Updated 2 years ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆262Updated last year
• sansatart / scrapts
  Scrapts Scrapts Scrapts
  ☆234Updated 6 months ago
• bp0lr / gauplus
  ☆285Updated 2 years ago
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆532Updated 10 months ago
• mlcsec / headi
  Customisable and automated HTTP header injection
  ☆237Updated 4 months ago
• neex / http2smugl
  ☆528Updated 10 months ago
• kleiton0x00 / ppmap
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆493Updated 2 years ago