doyensec / regexploit
Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
☆806Updated last year
Alternatives and similar repositories for regexploit:
Users that are interested in regexploit are comparing it to the libraries listed below
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆880Updated this week
- ☆688Updated 4 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆717Updated 7 months ago
- A collection of browser-based side channel attack vectors.☆745Updated last year
- CORS Misconfiguration Scanner☆1,398Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆353Updated 7 months ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆417Updated 4 months ago
- ☆675Updated 2 years ago
- 🎯 Fast CORS misconfiguration vulnerabilities scanner☆1,064Updated 3 years ago
- ☆980Updated 2 months ago
- ☆536Updated last week
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆860Updated 3 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆521Updated 3 weeks ago
- ☆1,183Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,934Updated last year
- Simple DNS Rebinding Service☆649Updated 5 years ago
- Finding potential software vulnerabilities from git commit messages☆409Updated last year
- Client Side Prototype Pollution Scanner☆517Updated 2 years ago
- A fast tool to scan CRLF vulnerability written in Go☆1,403Updated last week
- Fast HTTP enumerator☆478Updated last week
- Proof of concept code for Datadog Security Labs referenced exploits.☆432Updated last week
- DOM XSS scanner for Single Page Applications☆403Updated this week
- A cheatsheet for exploiting server-side SVG processors.☆726Updated 4 years ago
- 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.☆867Updated 2 months ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆946Updated 3 months ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,604Updated 2 weeks ago
- ☆1,310Updated 2 months ago
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)☆1,456Updated last year
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆373Updated 3 years ago
- Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.☆1,279Updated 2 weeks ago