doyensec/Prototype-Pollution-Gadgets-Finder external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

doyensec/Prototype-Pollution-Gadgets-Finder

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/doyensec/Prototype-Pollution-Gadgets-Finder)

Close

doyensec / Prototype-Pollution-Gadgets-FinderView on GitHubMore

• External links
• Readme badge

☆93Apr 29, 2024Updated last year

Alternatives and similar repositories for Prototype-Pollution-Gadgets-Finder

Users that are interested in Prototype-Pollution-Gadgets-Finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• harisec / orange-confusion-attacks

  View on GitHub
  Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
  ☆21Aug 25, 2024Updated last year
• doyensec / CSPTBurpExtension

  View on GitHub
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆164Jul 2, 2024Updated last year
• fransr / unpack-burp

  View on GitHub
  For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)
  ☆54Feb 26, 2025Updated last year
• doyensec / CSPTPlayground

  View on GitHub
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆157Mar 31, 2025Updated last year
• dillonfranke / protoburp

  View on GitHub
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆37Mar 4, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• doyensec / confuser

  View on GitHub
  Dependency Confusion Security Testing Tool
  ☆51Jul 21, 2022Updated 3 years ago
• Outpost24 / outpost24-cors-check

  View on GitHub
  Additional active scan checks for BURP
  ☆28Oct 3, 2024Updated last year
• BugBountyzip / Bambdas

  View on GitHub
  ☆139Nov 9, 2024Updated last year
• doyensec / protoburp

  View on GitHub
  Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages
  ☆36Sep 11, 2023Updated 2 years ago
• d0ge / sign-saboteur

  View on GitHub
  SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
  ☆165Nov 29, 2024Updated last year
• j3ssie / custom-bcheck-scan

  View on GitHub
  This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…
  ☆104Feb 9, 2024Updated 2 years ago
• seajaysec / Ivanti-Connect-Around-Scan

  View on GitHub
  Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.
  ☆12Feb 3, 2024Updated 2 years ago
• edoardottt / pphack

  View on GitHub
  The Most Advanced Client-Side Prototype Pollution Scanner
  ☆248Mar 30, 2026Updated 2 weeks ago
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆229Feb 6, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• ron-imperva / CVE-2023-22524

  View on GitHub
  Atlassian Companion RCE Vulnerability Proof of Concept
  ☆25Dec 15, 2023Updated 2 years ago
• HolyGu / CobaltStrikeToWateringhole

  View on GitHub
  ☆17Jul 18, 2022Updated 3 years ago
• NDevTK / postLogger

  View on GitHub
  Extension to log postMessage()
  ☆15Feb 17, 2026Updated last month
• Moopinger / smugglefuzz

  View on GitHub
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆313May 16, 2024Updated last year
• Captain0X / HunterUrls

  View on GitHub
  ☆16Feb 18, 2023Updated 3 years ago
• mqst / gouge

  View on GitHub
  Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…
  ☆28Jul 21, 2024Updated last year
• doyensec / CVE-2022-39299_PoC_Generator

  View on GitHub
  A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…
  ☆19Feb 8, 2023Updated 3 years ago
• g0ldencybersec / CloudRecon

  View on GitHub
  ☆522Apr 29, 2024Updated last year
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆839Mar 24, 2026Updated 3 weeks ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• HernanRodriguez1 / ScanReflectedSSTI

  View on GitHub
  Template Nuclei SSTI
  ☆34Nov 18, 2025Updated 4 months ago
• SirAppSec / bsides-shadow-api

  View on GitHub
  This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me
  ☆18Aug 5, 2024Updated last year
• akabe1 / OAUTHScan

  View on GitHub
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆176Oct 26, 2024Updated last year
• intrudir / burpcollaborator-docker

  View on GitHub
  A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…
  ☆30Nov 30, 2025Updated 4 months ago
• doyensec / Unsafe-Unpacking

  View on GitHub
  Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
  ☆43Dec 16, 2024Updated last year
• devanshbatham / dnsaudit

  View on GitHub
  A command-line utility for auditing DNS configuration using Zonemaster API
  ☆32Aug 21, 2023Updated 2 years ago
• honoki / burp-digitalocean-openvpn-socks

  View on GitHub
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆50Nov 5, 2025Updated 5 months ago
• Chocapikk / CVE-2024-9474

  View on GitHub
  PAN-OS auth bypass + RCE
  ☆46Nov 19, 2024Updated last year
• ifconfig-me / knoxss-bulk-scan

  View on GitHub
  ☆46Sep 20, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• doyensec / Session-Hijacking-Visual-Exploitation

  View on GitHub
  Session Hijacking Visual Exploitation
  ☆212Mar 7, 2024Updated 2 years ago
• Ibonok / CVE-2020-4463

  View on GitHub
  IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)
  ☆52Sep 19, 2023Updated 2 years ago
• GoSecure / request-smuggling-workshop

  View on GitHub
  ☆29Jan 10, 2023Updated 3 years ago
• efecankaya / BlindSSTIScanner

  View on GitHub
  Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.
  ☆25Feb 20, 2024Updated 2 years ago
• vrechson / copy-to-bcheck

  View on GitHub
  BurpSuite extension to convert requests into bcheck scripts
  ☆33Jul 18, 2023Updated 2 years ago
• Sudistark / xss-writeups

  View on GitHub
  ☆41Oct 20, 2023Updated 2 years ago
• nullenc0de / paramhunter

  View on GitHub
  Looks for parameters in urls
  ☆34Oct 14, 2024Updated last year