doyensec/regexploit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/doyensec/regexploit)

doyensec / regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

☆846

Alternatives and similar repositories for regexploit

Users that are interested in regexploit are comparing it to the libraries listed below

Sorting:

revng / pagebuster
View on GitHub
PageBuster - dump all executable pages of packed processes.
☆206Mar 31, 2021Updated 4 years ago
doyensec / inql
View on GitHub
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…
☆1,744Feb 16, 2026Updated last month
BlackFan / client-side-prototype-pollution
View on GitHub
Prototype Pollution and useful Script Gadgets
☆1,601Jan 27, 2024Updated 2 years ago
GrrrDog / Java-Deserialization-Cheat-Sheet
View on GitHub
The cheat sheet about Java Deserialization vulnerabilities
☆3,173May 26, 2023Updated 2 years ago
neex / http2smugl
View on GitHub
☆563Mar 27, 2025Updated 11 months ago
qtc-de / remote-method-guesser
View on GitHub
Java RMI Vulnerability Scanner
☆915Jul 3, 2024Updated last year
defparam / haptyc
View on GitHub
☆95Sep 18, 2021Updated 4 years ago
jmdx / TLS-poison
View on GitHub
☆705Nov 27, 2024Updated last year
assetnote / blind-ssrf-chains
View on GitHub
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
☆959Dec 31, 2021Updated 4 years ago
assetnote / batchql
View on GitHub
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
☆408Dec 24, 2022Updated 3 years ago
tarunkant / Gopherus
View on GitHub
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
☆3,324Apr 18, 2023Updated 2 years ago
filedescriptor / untrusted-types
View on GitHub
☆695Jul 4, 2022Updated 3 years ago
BishopFox / GadgetProbe
View on GitHub
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
☆612Mar 4, 2021Updated 5 years ago
detectify / page-fetch
View on GitHub
Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…
☆529Apr 23, 2025Updated 10 months ago
visma-prodsec / confused
View on GitHub
Tool to check for dependency confusion vulnerabilities in multiple package management systems
☆779Aug 19, 2024Updated last year
assetnote / kiterunner
View on GitHub
Contextual Content Discovery Tool
☆3,121Apr 29, 2024Updated last year
httpvoid / writeups
View on GitHub
☆1,202Sep 2, 2022Updated 3 years ago
swisskyrepo / GraphQLmap
View on GitHub
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
☆1,640Mar 11, 2024Updated 2 years ago
pwntester / codeql_grehack_workshop
View on GitHub
GreHack 2021 CodeQL for Java workshop
☆73Nov 19, 2021Updated 4 years ago
defparam / smuggler
View on GitHub
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
☆2,063Jan 2, 2024Updated 2 years ago
msrkp / PPScan
View on GitHub
Client Side Prototype Pollution Scanner
☆523Sep 17, 2022Updated 3 years ago
BishopFox / json-interop-vuln-labs
View on GitHub
Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
☆210Mar 9, 2023Updated 3 years ago
Accenture / jenkins-attack-framework
View on GitHub
☆576Jul 12, 2025Updated 8 months ago
ptoomey3 / evilarc
View on GitHub
Create tar/zip archives that can exploit directory traversal vulnerabilities
☆1,041Jun 3, 2021Updated 4 years ago
semgrep / semgrep
View on GitHub
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
☆14,504Updated this week
BlackFan / content-type-research
View on GitHub
Content-Type Research
☆658Jun 29, 2025Updated 8 months ago
allanlw / svg-cheatsheet
View on GitHub
A cheatsheet for exploiting server-side SVG processors.
☆798Jul 2, 2020Updated 5 years ago
epinna / tplmap
View on GitHub
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
☆4,125Apr 21, 2024Updated last year
GoSecure / dtd-finder
View on GitHub
List DTDs and generate XXE payloads using those local DTDs.
☆651Feb 21, 2024Updated 2 years ago
ticarpi / jwt_tool
View on GitHub
A toolkit for testing, tweaking and cracking JSON Web Tokens
☆6,435May 1, 2025Updated 10 months ago
whitel1st / docem
View on GitHub
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
☆679Jan 28, 2024Updated 2 years ago
doyensec / awesome-electronjs-hacking
View on GitHub
A curated list of awesome resources about Electron.js (in)security
☆659May 14, 2025Updated 10 months ago
honoki / bbrf-client
View on GitHub
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
☆641Jul 7, 2025Updated 8 months ago
pwntester / ysoserial.net
View on GitHub
Deserialization payload generator for a variety of .NET formatters
☆3,691Dec 23, 2024Updated last year
mschwager / route-detect
View on GitHub
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆281Sep 11, 2025Updated 6 months ago
C0DEbrained / Stepper
View on GitHub
A natural evolution of Burp Suite's Repeater tool
☆201Feb 9, 2024Updated 2 years ago
swisskyrepo / SSRFmap
View on GitHub
Automatic SSRF fuzzer and exploitation tool
☆3,505Sep 4, 2025Updated 6 months ago
BishopFox / h2csmuggler
View on GitHub
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
☆785May 10, 2022Updated 3 years ago
dolevf / Damn-Vulnerable-GraphQL-Application
View on GitHub
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…
☆1,677May 24, 2025Updated 9 months ago