cnotin / RazorVulnerableApp
DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SSTI). For training and testing purposes.
☆26Updated 4 years ago
Alternatives and similar repositories for RazorVulnerableApp:
Users that are interested in RazorVulnerableApp are comparing it to the libraries listed below
- #BugBounty #BugBounty Tools #WebDeveloper Tool☆37Updated 5 years ago
- Exploits developed by Mikael Kall☆47Updated last year
- ☆34Updated last month
- 该脚本为Citrix XenMobile 目录遍历漏洞(CVE-2020-8209)批量检测脚本。☆31Updated 4 years ago
- YSOSERIAL Integration with burp suite☆40Updated 3 years ago
- A Burp extension to show the Collaborator client in a tab☆23Updated 2 years ago
- A Burp Suite extension to add a custom header (e.g. JWT)☆19Updated 3 years ago
- This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite (Scanner, Intruder, Repeater, …☆53Updated last year
- Auto Recon Bash Script☆30Updated 2 months ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆46Updated 4 years ago
- Writeup of CVE-2020-15906☆47Updated 4 years ago
- Insecure Deserialization, PDF and lab☆17Updated 5 years ago
- JSON Beautifier for Burp written in Java☆39Updated 4 years ago
- CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE☆32Updated 4 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆75Updated 4 years ago
- POC Script for CVE-2020-12800: RCE through Unrestricted File Type Upload☆27Updated 2 years ago
- miscellaneous security research stuff☆37Updated 5 years ago
- Broken Link Hijacking Burp Extension☆56Updated 5 years ago
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆43Updated 3 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 3 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Updated 3 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆39Updated 3 years ago
- Burp extension to generate multi-step CSRF POC.☆29Updated 5 years ago
- Nmap script to check vulnerability CVE-2021-21972☆28Updated 4 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated 9 months ago
- Fast Subdomain Enumeration Tool made with Bash only 💯☆15Updated 3 years ago
- Guide For WAF Bypass Techniques☆25Updated 4 years ago
- ☆31Updated 5 years ago
- ☆49Updated 4 years ago
- ☆53Updated 3 years ago