dhmosfunk / simple-http-smuggler-generator
This tool is developed for burp suite practitioner certificate exam and HTTP Request Smuggling labs. The most important about this tool is TE.CL vulnerability exploitation and chunk size auto generator. Feel free to contribute and make a PR ;) Have fun exploiting these labs >.<
☆15Updated 2 years ago
Alternatives and similar repositories for simple-http-smuggler-generator:
Users that are interested in simple-http-smuggler-generator are comparing it to the libraries listed below
- Make better use of the embedded browser that comes by default with Burp☆38Updated 10 months ago
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆22Updated 3 years ago
- ElasticSearch exploit and Pentesting guide for penetration tester☆23Updated 2 years ago
- Τhis repository contains all the necessary files for my GitHub pages. Feel free to fork and use it!☆1Updated this week
- Dompdf RCE PoC Exploit - CVE-2022-28368☆17Updated 10 months ago
- Little thing put together quickly to demonstrate this CVE☆28Updated 2 years ago
- ☆43Updated last year
- PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22☆29Updated last year
- Exploit for Symfony CVE-2024-50340 (forked eos)☆25Updated this week
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 2 years ago
- Pwndoc local file inclusion to remote code execution of Node.js code on the server☆46Updated last year
- crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names fro…☆18Updated 5 months ago
- BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection☆38Updated last year
- CVE-2023-26818 Exploit MacOS TCC Bypass W/ Telegram☆17Updated 5 months ago
- Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure☆29Updated 9 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆27Updated last year
- Web cache poisoning vulnerability scanner.☆61Updated 2 years ago
- F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB☆13Updated last year
- ☆47Updated 2 years ago
- CVE-2022-21907 Vulnerability PoC☆27Updated 2 years ago
- Python script to check if there is any differences in responses of an application when the request comes from a search engine's crawler.☆20Updated last year
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆35Updated last year
- Fortinet FortiClient EMS SQL Injection☆43Updated 8 months ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 2 years ago
- ☆16Updated 8 months ago
- A script to automatically dump all URLs present in /server-status to a file locally.☆23Updated last month
- SQLMap wrapper that lets you use Interact.sh as a DNS server for exfiltrating data with zero configuration☆35Updated last year
- 「💥」CVE-2022-33891 - Apache Spark Command Injection☆27Updated 2 years ago
- collection of various grep patterns collected from tomnomnom/gf and other places☆21Updated 4 years ago