Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
☆21Aug 25, 2024Updated last year
Alternatives and similar repositories for orange-confusion-attacks
Users that are interested in orange-confusion-attacks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PoC for leaking text nodes via CSS injection☆26Jul 27, 2024Updated last year
- Finds graphql queries in javascript files☆69May 18, 2024Updated 2 years ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆161Mar 31, 2025Updated last year
- Monitor your target continuously for new subdomains!☆25Mar 18, 2023Updated 3 years ago
- Extract Sensitive Keys, Secret, Token Or Interested thing from source☆52Jun 4, 2020Updated 6 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆31Nov 30, 2025Updated 7 months ago
- My custom created nuclei for SQLi, bugbounty, pentesting☆28May 7, 2025Updated last year
- Recon script for wildcard domain web scopes... (for use on synack red team)☆26Mar 31, 2023Updated 3 years ago
- ☆20Jun 26, 2024Updated 2 years ago
- Custom nuclei templates for bug hunting.....☆26May 30, 2024Updated 2 years ago
- The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.☆16Apr 5, 2024Updated 2 years ago
- ☆92Apr 29, 2024Updated 2 years ago
- Paramix is a command-line tool for modifying the parameters of a list of URLs from stdin and returns them in stdout.☆17Aug 23, 2024Updated last year
- Url scrapper or extractor from alienvault☆39Mar 1, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Get 10k subdomains in securitytrails using cookie without apikey.☆40Oct 23, 2025Updated 8 months ago
- A tool to migrate Burpsuite HTTP history to Caido☆42Apr 25, 2025Updated last year
- ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET…☆61Feb 22, 2025Updated last year
- Extract uncompiled, uncompressed SPA code from Webpack source maps. A fork of @rarecoil's work.☆13Jul 11, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.☆41Apr 18, 2024Updated 2 years ago
- This tool calculates tricky canonical huffman histogram for CVE-2023-4863.☆25Dec 20, 2023Updated 2 years ago
- SubOwner - A Simple tool check for subdomain takeovers.☆118Oct 18, 2024Updated last year
- List of Fresh DNS resolvers updates every 1 hour☆21May 8, 2026Updated last month
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A Series of Tweets☆15Jan 30, 2024Updated 2 years ago
- A really fast http prober.☆40Feb 1, 2024Updated 2 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆167May 15, 2026Updated last month
- Your favourite chest/terminal bursting buddy!☆18Nov 27, 2021Updated 4 years ago
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆228May 22, 2023Updated 3 years ago
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- Unauthorized Access to Metadata and User Data like CTF☆28Nov 30, 2024Updated last year
- WordTally is a Python script designed to analyze text files and provide word frequency statistics.☆16Jul 3, 2023Updated 3 years ago
- Get list of subsidiaries for a selected company☆32Dec 21, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Use these VDP in Bug Hunting, These VDP are checked and verified by Bug Hunters☆21Aug 9, 2022Updated 3 years ago
- Advanced test for proxy & waf☆14Feb 10, 2026Updated 4 months ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆44Aug 12, 2023Updated 2 years ago
- Useful configurations for the DomLogger++ extension☆48Apr 7, 2026Updated 2 months ago
- ☆179Oct 15, 2024Updated last year
- 403 Bypasser With auto payload generation☆12Aug 8, 2024Updated last year
- A command line tool to interact with Microsoft Graph API☆23May 27, 2024Updated 2 years ago