chenjj / Awesome-HTTPRequestSmuggling
A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! š»
ā120Updated 2 years ago
Related projects ā
Alternatives and complementary repositories for Awesome-HTTPRequestSmuggling
- WordPress Plugin Update Confusionā67Updated 2 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.ā162Updated 3 years ago
- Burpsuite plugin for Interact.shā198Updated 4 months ago
- Hidden parameters discovery suiteā220Updated 2 years ago
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...ā145Updated 4 years ago
- Detects request smuggling via HTTP/2 downgrades.ā92Updated 2 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a pā¦ā101Updated 8 months ago
- Build your own reconnaissance system with Osmedeus Next Generationā180Updated 2 months ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRFā295Updated 5 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID securityā169Updated 3 weeks ago
- Workshop given at Hack in Paris 2019ā121Updated last year
- Wordlist to bruteforce for LFIā118Updated 5 years ago
- Check AWS S3 instances for read/write/delete accessā121Updated 2 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or Lā¦ā130Updated 3 years ago
- This repo contains all the injections mentioned in my talk and enumerators.ā121Updated 11 months ago
- CRLF and open redirect fuzzerā109Updated 3 years ago
- All known and unknown public POC's for wordpress themes and pluginsā78Updated 3 years ago
- Client-Side Prototype Pollution Toolsā84Updated 3 years ago
- ā91Updated 4 years ago
- A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.ā104Updated 3 weeks ago
- Just some public notes that can be useful and i want let the world knows.ā86Updated 4 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.ā105Updated 2 years ago
- ā163Updated 2 years ago
- Burp Extension that copies a request and builds a FFUF skeletonā107Updated last year
- Searcher for cross-site leaks (XS-Leaks)ā81Updated last year
- DNS rebinding toolkitā250Updated last year
- pFuzz helps us to bypass web application firewall by using different methods at the same time.ā157Updated 3 years ago