barrracud4/image-upload-exploits

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/barrracud4/image-upload-exploits)

barrracud4 / image-upload-exploits

This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.

☆353

Alternatives and similar repositories for image-upload-exploits

Users that are interested in image-upload-exploits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

hackerscrolls / SecurityTips
View on GitHub
☆1,013Jan 22, 2022Updated 4 years ago
Raz0r / aemscan
View on GitHub
Adobe Experience Manager Vulnerability Scanner
☆187May 22, 2023Updated 2 years ago
httpvoid / writeups
View on GitHub
☆1,202Sep 2, 2022Updated 3 years ago
SPbCTF / hackbattle-phdays2019
View on GitHub
Tasks from Hack Battle by SPbCTF at PHDays 9
☆10Mar 20, 2021Updated 5 years ago
allanlw / svg-cheatsheet
View on GitHub
A cheatsheet for exploiting server-side SVG processors.
☆798Jul 2, 2020Updated 5 years ago
AI Agents on DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
NagliNagli / Shockwave-OSS
View on GitHub
☆755Jun 26, 2024Updated last year
akabe1 / OAUTHScan
View on GitHub
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
☆176Oct 26, 2024Updated last year
msrkp / PPScan
View on GitHub
Client Side Prototype Pollution Scanner
☆524Sep 17, 2022Updated 3 years ago
rumiljonov / fireburp
View on GitHub
Highlighting different firefox containers in Burp Proxy
☆12Dec 4, 2020Updated 5 years ago
DigeeX / raider
View on GitHub
DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
☆139Sep 14, 2021Updated 4 years ago
hahwul / can-i-protect-xss
View on GitHub
Everything about xss protection technology
☆14Oct 22, 2019Updated 6 years ago
Sh1Yo / x8
View on GitHub
Hidden parameters discovery suite
☆2,050Sep 8, 2024Updated last year
cujanovic / SSRF-Testing
View on GitHub
SSRF (Server Side Request Forgery) testing resources
☆2,489Oct 12, 2024Updated last year
BlackFan / cspp-tools
View on GitHub
Client-Side Prototype Pollution Tools
☆88Sep 21, 2021Updated 4 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
neex / http2smugl
View on GitHub
☆563Mar 27, 2025Updated last year
indianajson / can-i-take-over-dns
View on GitHub
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
☆1,088Mar 3, 2025Updated last year
optiv / mobile-nuclei-templates
View on GitHub
☆436Jun 1, 2021Updated 4 years ago
NitinYadav00 / gf-patterns
View on GitHub
Some of the gf patterns which i use
☆44Jan 19, 2022Updated 4 years ago
assetnote / kiterunner
View on GitHub
Contextual Content Discovery Tool
☆3,158Apr 29, 2024Updated 2 years ago
Cgboal / exclude-cdn
View on GitHub
Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
☆45Mar 13, 2023Updated 3 years ago
defparam / h1data
View on GitHub
☆23Mar 29, 2022Updated 4 years ago
iangcarroll / cookiemonster
View on GitHub
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
☆970Jan 10, 2025Updated last year
bp0lr / dmut
View on GitHub
A tool to perform permutations, mutations and alteration of subdomains in golang.
☆157Nov 24, 2023Updated 2 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
xm1k3 / cent
View on GitHub
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
☆1,042Aug 23, 2025Updated 8 months ago
0xmoot / s3sec
View on GitHub
Check AWS S3 instances for read/write/delete access
☆121Feb 8, 2022Updated 4 years ago
0xtz / Enum_For_All
View on GitHub
☆166Jul 1, 2020Updated 5 years ago
neex / ghostinthepdf
View on GitHub
☆170Oct 4, 2021Updated 4 years ago
six2dez / OneListForAll
View on GitHub
Rockyou for web fuzzing
☆3,141Mar 11, 2026Updated last month
mprunet / burp-scripting
View on GitHub
☆13Oct 3, 2023Updated 2 years ago
detectify / page-fetch
View on GitHub
Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…
☆528Apr 23, 2025Updated last year
yashrs / Hackerone_Private_Hacktivity_Chrome_Extention
View on GitHub
☆18Apr 26, 2021Updated 5 years ago
assetnote / blind-ssrf-chains
View on GitHub
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
☆968Dec 31, 2021Updated 4 years ago
Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
streaak / keyhacks
View on GitHub
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
☆6,197Aug 14, 2024Updated last year
sw33tLie / ugly-scripts
View on GitHub
A collection of scripts for bug-bounty related stuff
☆39Sep 4, 2020Updated 5 years ago
emadshanab / Burp-Bounty-free-Profiles-Collection
View on GitHub
☆45Jun 5, 2021Updated 4 years ago
dumorewithcode / purl
View on GitHub
☆38Aug 27, 2022Updated 3 years ago
Proviesec / directory-files-payload-lists
View on GitHub
Directory scans
☆87Jan 7, 2026Updated 3 months ago
GrrrDog / weird_proxies
View on GitHub
Reverse proxies cheatsheet
☆1,863Nov 4, 2023Updated 2 years ago
minight / h2csmuggler
View on GitHub
☆29Sep 25, 2020Updated 5 years ago