Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
☆21Aug 25, 2024Updated last year
Alternatives and similar repositories for orange-confusion-attacks
Users that are interested in orange-confusion-attacks are comparing it to the libraries listed below
Sorting:
- PoC for leaking text nodes via CSS injection☆25Jul 27, 2024Updated last year
- Finds graphql queries in javascript files☆69May 18, 2024Updated last year
- ☆20Jun 26, 2024Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆153Mar 31, 2025Updated 11 months ago
- Custom nuclei templates for bug hunting.....☆26May 30, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 3 months ago
- The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.☆16Apr 5, 2024Updated last year
- My custom created nuclei for SQLi, bugbounty, pentesting☆26May 7, 2025Updated 9 months ago
- ☆93Apr 29, 2024Updated last year
- Advanced test for proxy & waf☆14Feb 10, 2026Updated 3 weeks ago
- Extract uncompiled, uncompressed SPA code from Webpack source maps. A fork of @rarecoil's work.☆13Jul 11, 2024Updated last year
- Get 10k subdomains in securitytrails using cookie without apikey.☆36Oct 23, 2025Updated 4 months ago
- Extract Sensitive Keys, Secret, Token Or Interested thing from source☆52Jun 4, 2020Updated 5 years ago
- A tool to migrate Burpsuite HTTP history to Caido☆35Apr 25, 2025Updated 10 months ago
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Nov 1, 2024Updated last year
- List of Fresh DNS resolvers updates every 1 hour☆19Updated this week
- A Series of Tweets☆15Jan 30, 2024Updated 2 years ago
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- Url scrapper or extractor from alienvault☆38Mar 1, 2025Updated last year
- ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET…☆63Feb 22, 2025Updated last year
- Javascript file change monitoring☆17Nov 11, 2025Updated 3 months ago
- The Primate Pack is a suite of extensions for Caido.☆13Sep 29, 2024Updated last year
- WordTally is a Python script designed to analyze text files and provide word frequency statistics.☆15Jul 3, 2023Updated 2 years ago
- Paramix is a command-line tool for modifying the parameters of a list of URLs from stdin and returns them in stdout.☆17Aug 23, 2024Updated last year
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.☆41Apr 18, 2024Updated last year
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆227May 22, 2023Updated 2 years ago
- RF-modulated high fidelity laser microphone and keystroke sniffer☆87Oct 17, 2024Updated last year
- CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.☆40Aug 21, 2025Updated 6 months ago
- dEX is a powerful tool for transmitting OS command output over DNS. It is equipped with robust mechanisms for handling missing chunks, en…☆18Nov 21, 2024Updated last year
- Your favourite chest/terminal bursting buddy!☆18Nov 27, 2021Updated 4 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆161Feb 11, 2026Updated 3 weeks ago
- SubOwner - A Simple tool check for subdomain takeovers.☆116Oct 18, 2024Updated last year
- Use these VDP in Bug Hunting, These VDP are checked and verified by Bug Hunters☆20Aug 9, 2022Updated 3 years ago
- Retrieves information about a given domain from the Google Transparency Report : https://transparencyreport.google.com/https/certificates☆20Dec 15, 2021Updated 4 years ago
- Backup Files Wordlist Generator - generate a comprehensive list of potential backup file Wordlist based on a given list URL and backup fi…☆88Jun 23, 2025Updated 8 months ago
- Useful configurations for the DomLogger++ extension☆48Sep 7, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆41Aug 12, 2023Updated 2 years ago
- A command line tool to interact with Microsoft Graph API☆22May 27, 2024Updated last year