☆93Apr 29, 2024Updated last year
Alternatives and similar repositories for Prototype-Pollution-Gadgets-Finder
Users that are interested in Prototype-Pollution-Gadgets-Finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆163Jul 2, 2024Updated last year
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Feb 26, 2025Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆154Mar 31, 2025Updated 11 months ago
- Dependency Confusion Security Testing Tool☆51Jul 21, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- ☆139Nov 9, 2024Updated last year
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Sep 11, 2023Updated 2 years ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆164Nov 29, 2024Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆103Feb 9, 2024Updated 2 years ago
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.☆12Feb 3, 2024Updated 2 years ago
- The Most Advanced Client-Side Prototype Pollution Scanner☆248Updated this week
- A collection of Server-Side Prototype Pollution gadgets and exploits☆228Feb 6, 2025Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Atlassian Companion RCE Vulnerability Proof of Concept☆25Dec 15, 2023Updated 2 years ago
- Extension to log postMessage()☆15Feb 17, 2026Updated last month
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- ☆16Feb 18, 2023Updated 3 years ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆28Jul 21, 2024Updated last year
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Feb 8, 2023Updated 3 years ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆795Mar 20, 2026Updated last week
- ☆521Apr 29, 2024Updated last year
- Template Nuclei SSTI☆34Nov 18, 2025Updated 4 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Aug 5, 2024Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆176Oct 26, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 3 months ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- A command-line utility for auditing DNS configuration using Zonemaster API☆32Aug 21, 2023Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆50Nov 5, 2025Updated 4 months ago
- PAN-OS auth bypass + RCE☆46Nov 19, 2024Updated last year
- ☆47Sep 20, 2024Updated last year
- Session Hijacking Visual Exploitation☆211Mar 7, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)☆52Sep 19, 2023Updated 2 years ago
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆24Feb 20, 2024Updated 2 years ago
- ☆29Jan 10, 2023Updated 3 years ago
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆189Aug 8, 2024Updated last year