doyensec / Prototype-Pollution-Gadgets-Finder

Related projects ⓘ

Alternatives and complementary repositories for Prototype-Pollution-Gadgets-Finder

• phlmox / BurpJSLinkFinderv2
  Burp Extension for a passive scanning JS files for endpoint links.
  ☆50Updated last month
• synfron / ReshaperForBurp
  Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
  ☆92Updated last week
• wzqs / endpoints_explore
  Endpoints Explorer is a Python script that employs multiple bypass rules to discover sensitive endpoints
  ☆83Updated 5 months ago
• ynsmroztas / SQL_Injection-Techniques
  Advanced SQL Injection Techniques for Bug Bounty Hunters
  ☆66Updated 3 months ago
• fcavallarin / burp-dom-scanner
  Burp Suite's extension to scan and crawl Single Page Applications
  ☆99Updated last year
• adampielak / nuclei-templates
  All Nuclei Templates
  ☆61Updated 3 weeks ago
• 0xAwali / Blind-SSRF
  Nuclei Templates to reproduce Cracking the lens's Research
  ☆121Updated 2 years ago
• Moopinger / CLZero
  A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
  ☆85Updated 9 months ago
• codewhitesec / HttpRemotingObjRefLeak
  Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
  ☆85Updated 7 months ago
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆81Updated 5 months ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆60Updated 2 years ago
• W01fh4cker / CVE-2024-22120-RCE
  Time Based SQL Injection in Zabbix Server Audit Log --> RCE
  ☆114Updated 5 months ago
• seanmarpo / webjars-swagger-xss
  PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]
  ☆53Updated last year
• dbrwsky / Nuclei-BurpExtension
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆116Updated last year
• doyensec / CSPTBurpExtension
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆103Updated 4 months ago
• 0xf4n9x / CVE-2022-46169
  CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.
  ☆49Updated last year
• Aituglo / CVE-2023-34960
  CVE-2023-34960 Chamilo PoC
  ☆35Updated last year
• vulntinker / FUA
  WEB API fuzzing
  ☆24Updated last year
• win3zz / CVE-2023-25157
  CVE-2023-25157 - GeoServer SQL Injection - PoC
  ☆163Updated last year
• hktalent / bug-bounty
  bounty collection
  ☆28Updated 2 months ago
• PortSwigger / 403-bypasser
  ☆55Updated 2 years ago
• gobysec / Weblogic
  WebLogic vulnerability exploration from beginner to expert.
  ☆154Updated last year
• blackberry / jwt-editor
  A Burp Suite extension and standalone application for creating and editing JSON Web Tokens. This tool supports signing and verification o…
  ☆35Updated 2 years ago
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆51Updated 5 months ago
• yxw21 / xssbughunter
  burpsuite extension
  ☆13Updated last year
• PortSwigger / jwt-editor
  A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decry…
  ☆21Updated last month
• PortSwigger / auth-analyzer
  ☆71Updated 6 months ago
• sw33tLie / uff
  unleashed ffuf
  ☆95Updated 4 months ago
• sinsinology / CVE-2024-4358
  Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)
  ☆74Updated 5 months ago
• PortSwigger / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆20Updated 2 months ago