d0nutptr / sicLinks
A tool to perform Sequential Import Chaining
☆282Updated 6 years ago
Alternatives and similar repositories for sic
Users that are interested in sic are comparing it to the libraries listed below
Sorting:
- ☆685Updated 3 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Updated 5 years ago
- Client Side Prototype Pollution Scanner☆521Updated 3 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆376Updated last year
- ☆130Updated 4 years ago
- research☆151Updated last year
- ☆554Updated 7 months ago
- DNS rebinding toolkit☆255Updated 2 years ago
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆202Updated 6 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆316Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆332Updated 11 months ago
- Simple DNS Rebinding Service☆701Updated 5 years ago
- SSRF testing tool☆244Updated 2 years ago
- ☆701Updated 11 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆639Updated last year
- Security Testing Scripts for JWT☆322Updated 3 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- Predict Mongo ObjectIds☆145Updated 7 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆264Updated 3 years ago
- ☆182Updated 4 months ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆210Updated 2 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆299Updated 2 years ago
- ☆266Updated 6 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆289Updated 9 months ago
- A tool which scrapes public github repositories for common naming conventions in variables, folders and files☆296Updated last year
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆282Updated 8 years ago
- DOM XSS scanner for Single Page Applications☆415Updated last week
- Burp Suite Extension to monitor new scope☆200Updated 4 years ago
- The Serverless Blind XSS App☆340Updated 5 months ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆443Updated this week