☆93Apr 29, 2024Updated 2 years ago
Alternatives and similar repositories for Prototype-Pollution-Gadgets-Finder
Users that are interested in Prototype-Pollution-Gadgets-Finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆165Jul 2, 2024Updated last year
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Feb 26, 2025Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆159Mar 31, 2025Updated last year
- Dependency Confusion Security Testing Tool☆50Jul 21, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- ☆141Nov 9, 2024Updated last year
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Sep 11, 2023Updated 2 years ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆165Nov 29, 2024Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆104Feb 9, 2024Updated 2 years ago
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.☆12Feb 3, 2024Updated 2 years ago
- The Most Advanced Client-Side Prototype Pollution Scanner☆248Apr 22, 2026Updated 2 weeks ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆230Feb 6, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Atlassian Companion RCE Vulnerability Proof of Concept☆25Dec 15, 2023Updated 2 years ago
- ☆17Jul 18, 2022Updated 3 years ago
- Extension to log postMessage()☆15Feb 17, 2026Updated 2 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆314May 16, 2024Updated last year
- ☆16Feb 18, 2023Updated 3 years ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Jul 21, 2024Updated last year
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Feb 8, 2023Updated 3 years ago
- ☆522Apr 29, 2024Updated 2 years ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆845Mar 24, 2026Updated last month
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Template Nuclei SSTI☆34Nov 18, 2025Updated 5 months ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Aug 5, 2024Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆176Oct 26, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 5 months ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- A command-line utility for auditing DNS configuration using Zonemaster API☆32Aug 21, 2023Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆50Nov 5, 2025Updated 6 months ago
- PAN-OS auth bypass + RCE☆46Nov 19, 2024Updated last year
- ☆46Sep 20, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Session Hijacking Visual Exploitation☆212Mar 7, 2024Updated 2 years ago
- IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)☆52Sep 19, 2023Updated 2 years ago
- ☆29Jan 10, 2023Updated 3 years ago
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆25Feb 20, 2024Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year