chenjj / Awesome-HTTPRequestSmuggling
A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! š»
ā120Updated 2 years ago
Related projects ā
Alternatives and complementary repositories for Awesome-HTTPRequestSmuggling
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.ā162Updated 3 years ago
- WordPress Plugin Update Confusionā67Updated 2 years ago
- Detects request smuggling via HTTP/2 downgrades.ā92Updated 2 years ago
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...ā145Updated 4 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or Lā¦ā130Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.ā117Updated last year
- Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.ā105Updated 2 years ago
- ā162Updated 2 years ago
- Workshop given at Hack in Paris 2019ā121Updated last year
- Burpsuite plugin for Interact.shā198Updated 4 months ago
- ā278Updated 3 years ago
- Recurrent Neural Network SubDomain Discovery Toolā89Updated 2 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRFā295Updated 5 years ago
- Hidden parameters discovery suiteā221Updated last year
- This repo contains all the injections mentioned in my talk and enumerators.ā120Updated 11 months ago
- CRLF and open redirect fuzzerā109Updated 3 years ago
- Wordlist to bruteforce for LFIā118Updated 5 years ago
- Client-Side Prototype Pollution Toolsā84Updated 3 years ago
- ā91Updated 4 years ago
- Check AWS S3 instances for read/write/delete accessā121Updated 2 years ago
- Build your own reconnaissance system with Osmedeus Next Generationā180Updated last month
- ā143Updated 2 years ago
- Tools to assess the DNS security of web applicationsā125Updated 2 years ago
- Just some public notes that can be useful and i want let the world knows.ā86Updated 4 years ago
- A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.ā104Updated last week
- ā285Updated 2 years ago
- bug bounty disclosed reportsā110Updated 3 years ago
- Practice hacking JWT tokensā112Updated 2 years ago