chenjj / Awesome-HTTPRequestSmuggling
A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! š»
ā124Updated 2 years ago
Alternatives and similar repositories for Awesome-HTTPRequestSmuggling:
Users that are interested in Awesome-HTTPRequestSmuggling are comparing it to the libraries listed below
- WordPress Plugin Update Confusionā66Updated 3 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.ā164Updated 4 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.ā109Updated 3 years ago
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...ā147Updated 4 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or Lā¦ā132Updated 4 years ago
- Detects request smuggling via HTTP/2 downgrades.ā92Updated 2 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRFā295Updated 5 years ago
- All known and unknown public POC's for wordpress themes and pluginsā78Updated 3 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file pathā103Updated 4 years ago
- Script to test open Akamai ARL vulnerability.ā71Updated 3 years ago
- CRLF and open redirect fuzzerā112Updated 3 years ago
- A XSS mind map ;)ā56Updated 9 years ago
- XSS Payload without Anything.ā105Updated 5 years ago
- Hidden parameters discovery suiteā223Updated 2 years ago
- Practice hacking JWT tokensā114Updated 2 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.ā125Updated 2 years ago
- This repo contains all the injections mentioned in my talk and enumerators.ā125Updated last year
- Burpsuite plugin for Interact.shā220Updated 10 months ago
- Nuclei templates written by us.ā269Updated 3 years ago
- Collection of XSS Payloads for fun and profitā177Updated 4 years ago
- Authenticated SSRF in Grafanaā82Updated 10 months ago
- Common Web Managers Fuzz Wordlistsā172Updated last month
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a pā¦ā105Updated last year
- ā40Updated 2 years ago
- DNS rebinding toolkitā252Updated last year
- A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTFā166Updated 5 years ago
- bug bounty disclosed reportsā113Updated 2 months ago
- Wordlist to bruteforce for LFIā123Updated 5 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.ā180Updated 3 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.ā27Updated 4 years ago