doyensec / regexploit
Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
☆804Updated last year
Alternatives and similar repositories for regexploit:
Users that are interested in regexploit are comparing it to the libraries listed below
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆718Updated 8 months ago
- A collection of browser-based side channel attack vectors.☆746Updated last year
- Fast HTTP enumerator☆479Updated this week
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆420Updated 5 months ago
- ☆676Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆358Updated 8 months ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,615Updated last week
- Finding potential software vulnerabilities from git commit messages☆412Updated last year
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆378Updated 3 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆472Updated last year
- 🦄🔒 Awesome list of secrets in environment variables 🖥️☆886Updated 2 years ago
- ☆689Updated 4 months ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆899Updated this week
- Simple DNS Rebinding Service☆650Updated 5 years ago
- CORS Misconfiguration Scanner☆1,407Updated 2 years ago
- DOM XSS scanner for Single Page Applications☆406Updated 3 weeks ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆296Updated this week
- ☆1,318Updated 2 weeks ago
- Client Side Prototype Pollution Scanner☆518Updated 2 years ago
- A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me☆2,076Updated 4 months ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆520Updated this week
- Coverage-based fuzzer for python applications☆235Updated 2 years ago
- Private key usage verification☆431Updated 3 weeks ago
- ☆354Updated 2 months ago
- ☆983Updated 2 weeks ago
- ☆539Updated 3 weeks ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆203Updated 2 years ago
- Collections of Orange Tsai's public presentation slides.☆728Updated 3 months ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆715Updated 2 years ago
- Surreptitiously exfiltrate data from the browser over DNS☆417Updated 4 years ago