dhmosfunk / CVE-2023-25690-POC
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
☆269Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for CVE-2023-25690-POC
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆246Updated 7 months ago
- Enumerate / Dump Docker Registry☆162Updated 7 months ago
- ☆235Updated 3 years ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆338Updated this week
- Smart context-based SSRF vulnerability scanner.☆347Updated 2 years ago
- A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles☆211Updated last month
- i will upload more templates here to share with the comunity.☆528Updated 7 months ago
- Bambdas collection for Burp Suite Professional and Community.☆206Updated 3 weeks ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆248Updated 6 months ago
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.☆736Updated last year
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆378Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆50Updated 6 months ago
- ☆512Updated 4 months ago
- Local File Inclusion discovery and exploitation tool☆224Updated last month
- Unauthenticated Remote Code Execution – Bricks <= 1.9.6☆149Updated 8 months ago
- CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator☆270Updated last year
- Fuzz 401/403/404 pages for bypasses☆253Updated 3 months ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆237Updated last year
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆342Updated last year
- Useful "Match and Replace" burpsuite rules☆338Updated last year
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆115Updated last year
- ☆358Updated 6 months ago
- This tool use fuuzzing to try to bypass unknown authentication methods, who knows...☆229Updated 3 months ago
- CVE-2023-33733 reportlab RCE☆113Updated last year
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty☆186Updated 4 months ago
- Header Exploitation HTTP☆142Updated last week
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆354Updated last month
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆124Updated last year
- A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…☆163Updated 2 months ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆117Updated 2 weeks ago