An Evil OIDC Server
☆53Oct 19, 2022Updated 3 years ago
Alternatives and similar repositories for oidc-ssrf
Users that are interested in oidc-ssrf are comparing it to the libraries listed below
Sorting:
- ☆95Sep 18, 2021Updated 4 years ago
- Java archive implant toolkit.☆61Apr 20, 2025Updated 10 months ago
- A tool to inspect and attack version 1 GUIDs☆238Oct 13, 2022Updated 3 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)☆89Jul 5, 2022Updated 3 years ago
- ☆12Jan 30, 2025Updated last year
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Blogpost series showcasing interesting cloud - web app security bugs☆48Jun 13, 2023Updated 2 years ago
- ☆270Jan 14, 2026Updated last month
- AWS SSO serverless phishing API.☆32Jun 30, 2021Updated 4 years ago
- This changes the style of Burp Suite's Repeater tabs to help the testers☆29Jul 3, 2019Updated 6 years ago
- Secrets scanner that understands code☆192Nov 2, 2023Updated 2 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆107Jan 30, 2025Updated last year
- Visual Studio (C++) Solution Template for Payloads☆18Oct 30, 2019Updated 6 years ago
- ☆17Jul 31, 2021Updated 4 years ago
- Scan your account for the use of untrusted AMIs☆31Feb 13, 2026Updated 2 weeks ago
- tool that generates bypasses for open redirects☆51Apr 18, 2022Updated 3 years ago
- PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers☆22Jun 19, 2024Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆68Aug 22, 2024Updated last year
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆142Jun 27, 2023Updated 2 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆175Oct 26, 2024Updated last year
- A simple Google Protobuf Decoder for Burp☆43Nov 22, 2022Updated 3 years ago
- ☆15Jul 20, 2022Updated 3 years ago
- Proof of conept to exploit vulnerable proxycommand configurations on ssh clients☆19Dec 21, 2023Updated 2 years ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆88Jan 28, 2024Updated 2 years ago
- ☆25Jun 27, 2024Updated last year
- navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities☆74May 20, 2023Updated 2 years ago
- Verizon Burp Extensions: AI Suite☆142Apr 22, 2025Updated 10 months ago
- Collaborative web dashboard for RedTeam pentesters☆21Oct 28, 2019Updated 6 years ago
- AMF Plugin for JMeter☆37May 24, 2012Updated 13 years ago
- This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…☆122Nov 2, 2019Updated 6 years ago
- ☆37May 8, 2022Updated 3 years ago
- Terraform script to deploy AD-based environment on Azure☆41Apr 22, 2023Updated 2 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Jan 20, 2025Updated last year
- Clean accounts over permissions in GCP infra at scale☆71May 9, 2023Updated 2 years ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated 11 months ago