☆92Apr 29, 2024Updated 2 years ago
Alternatives and similar repositories for Prototype-Pollution-Gadgets-Finder
Users that are interested in Prototype-Pollution-Gadgets-Finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆166Jul 2, 2024Updated last year
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Feb 26, 2025Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆161Mar 31, 2025Updated last year
- Dependency Confusion Security Testing Tool☆50Jul 21, 2022Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆38Mar 4, 2025Updated last year
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- ☆142Nov 9, 2024Updated last year
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Sep 11, 2023Updated 2 years ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆167Nov 29, 2024Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆104Feb 9, 2024Updated 2 years ago
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.☆12Feb 3, 2024Updated 2 years ago
- Advanced Client-Side Prototype Pollution Scanner☆250Jun 3, 2026Updated last week
- A collection of Server-Side Prototype Pollution gadgets and exploits☆234Feb 6, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Atlassian Companion RCE Vulnerability Proof of Concept☆25Dec 15, 2023Updated 2 years ago
- ☆17Jul 18, 2022Updated 3 years ago
- Extension to log postMessage()☆15Feb 17, 2026Updated 3 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆312May 16, 2024Updated 2 years ago
- ☆16Feb 18, 2023Updated 3 years ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆30Jul 21, 2024Updated last year
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Feb 8, 2023Updated 3 years ago
- ☆528Apr 29, 2024Updated 2 years ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆851May 13, 2026Updated last month
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Template Nuclei SSTI☆34Nov 18, 2025Updated 6 months ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Aug 5, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆31Nov 30, 2025Updated 6 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆178Oct 26, 2024Updated last year
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆44Dec 16, 2024Updated last year
- A command-line utility for auditing DNS configuration using Zonemaster API☆33Aug 21, 2023Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Nov 5, 2025Updated 7 months ago
- PAN-OS auth bypass + RCE☆45Nov 19, 2024Updated last year
- ☆46Sep 20, 2024Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Session Hijacking Visual Exploitation☆213Mar 7, 2024Updated 2 years ago
- IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)☆52Sep 19, 2023Updated 2 years ago
- ☆29Jan 10, 2023Updated 3 years ago
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆27Feb 20, 2024Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- ☆41Oct 20, 2023Updated 2 years ago
- Looks for parameters in urls☆35Oct 14, 2024Updated last year