d0nutptr / sicLinks
A tool to perform Sequential Import Chaining
β271Updated 5 years ago
Alternatives and similar repositories for sic
Users that are interested in sic are comparing it to the libraries listed below
Sorting:
- π΄ββ οΈ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files π΄ββ οΈβ201Updated 6 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requestsβ369Updated 11 months ago
- β129Updated 4 years ago
- DNS rebinding toolkitβ253Updated 2 years ago
- Automatic tool for DNS rebinding-based SSRF attacksβ304Updated 4 years ago
- Client Side Prototype Pollution Scannerβ518Updated 2 years ago
- researchβ151Updated last year
- β542Updated 3 months ago
- β682Updated 3 years ago
- A simple SSRF-testing sheriff written in Goβ328Updated 8 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.β261Updated 3 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.β315Updated 2 years ago
- β180Updated last month
- β693Updated 7 months ago
- Security Testing Scripts for JWTβ316Updated 3 years ago
- Simple DNS Rebinding Serviceβ670Updated 5 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.β348Updated 2 years ago
- β265Updated 6 years ago
- Predict Mongo ObjectIdsβ142Updated 7 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"β206Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.β633Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cerβ¦β288Updated 6 months ago
- DOM XSS scanner for Single Page Applicationsβ413Updated last month
- Burp Suite Extension to monitor new scopeβ198Updated 4 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coderβ281Updated 7 years ago
- SSRF testing toolβ244Updated 2 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.β427Updated this week
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.β301Updated 2 years ago
- Apache Solr Injection Researchβ578Updated 5 years ago
- Simple "postMessage logger" Chrome extensionβ98Updated 5 years ago