dxa4481 / CORSLinks
JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.
☆34Updated 7 years ago
Alternatives and similar repositories for CORS
Users that are interested in CORS are comparing it to the libraries listed below
Sorting:
- Scan for and exploit Consul agents☆40Updated 6 years ago
- Jaqen - Simple DNS rebinding☆72Updated 7 years ago
- Framework for Automated Security Testing that is Scaleable and Asynchronous built on Microservices☆18Updated 8 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Updated 6 years ago
- A Firefox extension and WebSocket handler that checks S3/Google/Azure buckets while your browse.☆37Updated 4 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- WebBorer is a directory-enumeration tool written in Go.☆44Updated 2 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35Updated 6 years ago
- Simple wrapper for meg that sieves through meg's output for you.☆60Updated 5 years ago
- Use burp's JS static code analysis on code from your local system.☆42Updated 8 years ago
- A horizontal and vertical web content enumerator☆52Updated 6 years ago
- Wax is a mediocre fuzzer I'm prototyping to test some ideas and get rid of others.☆18Updated 6 years ago
- OAuth Security Cheatsheet☆40Updated 11 years ago
- Dynamic DNS Update Bruteforce Tool☆29Updated 8 years ago
- ☆25Updated 7 years ago
- CTF Write-ups☆26Updated 6 years ago
- HackerOne Public Disclosure Slack Bot☆20Updated 2 years ago
- Exploit insecure crossdomain.xml files.☆26Updated 8 years ago
- Scans crossdomain.xml policies for expired domain names.☆25Updated 9 years ago
- ❄️ Research project for SubFinder core API V2☆36Updated 6 years ago
- A tiny chrome extension to record and replay your web application proof-of-concepts.☆20Updated 8 years ago
- ☆29Updated 8 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Updated 2 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 7 years ago
- GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory☆94Updated 7 years ago
- Write Up I write for different CTFs☆12Updated 7 years ago
- ☆13Updated 7 years ago