dxa4481 / CORS
JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.
☆34Updated 7 years ago
Related projects: ⓘ
- Scan for and exploit Consul agents☆40Updated 5 years ago
- WebBorer is a directory-enumeration tool written in Go.☆44Updated last year
- try privilege escalation changing sudo command☆118Updated 6 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- ☆49Updated this week
- ☆25Updated 7 years ago
- Simple wrapper for meg that sieves through meg's output for you.☆59Updated 4 years ago
- A tiny chrome extension to record and replay your web application proof-of-concepts.☆20Updated 7 years ago
- Jaqen - Simple DNS rebinding☆70Updated 6 years ago
- PoC for an adaptive parallelised DNS prober☆44Updated 6 years ago
- A Firefox extension and WebSocket handler that checks S3/Google/Azure buckets while your browse.☆37Updated 4 years ago
- A horizontal and vertical web content enumerator☆51Updated 6 years ago
- Exploit insecure crossdomain.xml files.☆26Updated 7 years ago
- Very crude and poorly written HTTP(s) and SMTP bin☆92Updated 3 years ago
- tundeep☆42Updated 5 years ago
- A Scaleable and Asynchronous Framework for Testing Tools built on Kubernetes☆35Updated 7 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 7 years ago
- ☆13Updated this week
- CTF Write-ups☆26Updated 5 years ago
- The SSH Multiplex Backdoor Tool☆62Updated 4 years ago
- Wax is a mediocre fuzzer I'm prototyping to test some ideas and get rid of others.☆18Updated 6 years ago
- ☆27Updated this week
- Terraform configuration to build a Burp Private Collaborator Server☆29Updated 6 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Updated 6 years ago
- GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory☆92Updated 6 years ago
- HackerOne Public Disclosure Slack Bot☆20Updated 2 years ago
- Highlight Burp proxy requests made by different browsers☆30Updated 7 years ago
- Framework for Automated Security Testing that is Scaleable and Asynchronous built on Microservices☆18Updated 7 years ago