chenjj / Awesome-HTTPRequestSmuggling

Related projects ⓘ

Alternatives and complementary repositories for Awesome-HTTPRequestSmuggling

• vavkamil / wp-update-confusion
  WordPress Plugin Update Confusion
  ☆67Updated 2 years ago
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆162Updated 3 years ago
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆198Updated 4 months ago
• Impact-I / x8-Burp
  Hidden parameters discovery suite
  ☆220Updated 2 years ago
• xer0times / BugBounty
  Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...
  ☆145Updated 4 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆92Updated 2 years ago
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆101Updated 8 months ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆180Updated 2 months ago
• SpiderMate / B-XSSRF
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆295Updated 5 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 3 weeks ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆121Updated last year
• hussein98d / LFI-files
  Wordlist to bruteforce for LFI
  ☆118Updated 5 years ago
• 0xmoot / s3sec
  Check AWS S3 instances for read/write/delete access
  ☆121Updated 2 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• PortSwigger / portable-data-exfiltration
  This repo contains all the injections mentioned in my talk and enumerators.
  ☆121Updated 11 months ago
• dubs3c / Injectus
  CRLF and open redirect fuzzer
  ☆109Updated 3 years ago
• Mad-robot / wordpress-exploits
  All known and unknown public POC's for wordpress themes and plugins
  ☆78Updated 3 years ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆84Updated 3 years ago
• imrannissar / Content-discovery
  ☆91Updated 4 years ago
• Fadavvi / Sub-Drill
  A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
  ☆104Updated 3 weeks ago
• zeroc00I / ReconNotes
  Just some public notes that can be useful and i want let the world knows.
  ☆86Updated 4 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆105Updated 2 years ago
• emadshanab / Nmap-NSE-scripts-collection
  ☆163Updated 2 years ago
• d3k4z / burp-copy-as-ffuf
  Burp Extension that copies a request and builds a FFUF skeleton
  ☆107Updated last year
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆81Updated last year
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆250Updated last year
• RedSection / pFuzz
  pFuzz helps us to bypass web application firewall by using different methods at the same time.
  ☆157Updated 3 years ago