harisec / orange-confusion-attacksLinks
Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
☆20Updated last year
Alternatives and similar repositories for orange-confusion-attacks
Users that are interested in orange-confusion-attacks are comparing it to the libraries listed below
Sorting:
- Looks for parameters in urls☆35Updated last year
- Make better use of the embedded browser that comes by default with Burp☆44Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆37Updated last year
- Advanced test for proxy & waf☆13Updated 3 months ago
- ☆42Updated last month
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆54Updated last year
- A Burp Suite extension for Lightning/Aura framework security testing with advanced action management, context editing, and comprehensive …☆47Updated last month
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆82Updated 6 months ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Updated last year
- A set of open-source community scripts☆65Updated last year
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Updated 11 months ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆29Updated last year
- Bcheck scripts for Burp☆28Updated last year
- Ffuf output browser☆40Updated 2 years ago
- Nuclei template to detect Apache servers vulnerable to CVE-2024-38473☆29Updated last year
- Web cache poisoning vulnerability scanner.☆73Updated 3 years ago
- vīlicus is a bug bounty api dashboard☆41Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆73Updated 3 years ago
- Demo of various ways to exploit post based reflected XSS☆18Updated 2 years ago
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆56Updated 2 years ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆37Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Updated last month
- Mine URLs from Browser's Heap Snapshot for fun and profit☆63Updated 2 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆35Updated 9 months ago
- A utility for recursively traversing SSL/TLS certificates for collecting DNS names☆48Updated 2 years ago
- Tool to fuzz for interesting vhost.☆23Updated 11 months ago
- Deploy a SOCKS5 proxy in DigitalOcean and autoconfigure the Burp proxy settings to route all traffic through the droplet☆57Updated last year
- Custom nuclei templates for bug hunting.....☆26Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆61Updated 2 years ago