glebarez / padreLinks
Blazing fast, advanced Padding Oracle exploit
☆254Updated last year
Alternatives and similar repositories for padre
Users that are interested in padre are comparing it to the libraries listed below
Sorting:
- PP-finder Help you find gadget for prototype pollution exploitation☆162Updated 9 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆261Updated 2 months ago
- ☆378Updated 2 years ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆356Updated 3 weeks ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆341Updated last year
- IIS shortname scanner written in Go☆333Updated 2 years ago
- Complex payload encoder☆225Updated last year
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆308Updated 6 months ago
- unleashed ffuf☆199Updated this week
- ☆152Updated last year
- Black box fuzzer for web applications☆426Updated 10 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆159Updated 6 months ago
- HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy + Exploit Timing Attacks☆177Updated last week
- A rapid HTTP downgrade smuggling scanner written in Go.☆255Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆655Updated last month
- Smart context-based SSRF vulnerability scanner.☆351Updated 3 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆508Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆638Updated last year
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …☆283Updated 9 months ago
- Discover new target domains using Content Security Policy☆433Updated 2 weeks ago
- gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications☆220Updated 3 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆189Updated 3 months ago
- This tool use fuuzzing to try to bypass unknown authentication methods, who knows...☆248Updated 9 months ago
- A GraphQL enumeration and extraction tool☆131Updated 2 years ago
- Automated learning of regexes for DNS discovery☆368Updated 2 years ago
- Enumerate / Dump Docker Registry☆177Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆138Updated 5 months ago
- CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator☆271Updated 2 years ago
- Session Hijacking Visual Exploitation☆200Updated last year
- A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read☆216Updated 2 months ago