harisec / orange-confusion-attacksLinks
Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
☆20Updated last year
Alternatives and similar repositories for orange-confusion-attacks
Users that are interested in orange-confusion-attacks are comparing it to the libraries listed below
Sorting:
- Looks for parameters in urls☆34Updated 10 months ago
- Advanced test for proxy & waf☆13Updated 11 months ago
- ☆39Updated 2 months ago
- Make better use of the embedded browser that comes by default with Burp☆45Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆35Updated 9 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆55Updated 10 months ago
- Web cache poisoning vulnerability scanner.☆71Updated 3 years ago
- A set of open-source community scripts☆64Updated 10 months ago
- Ffuf output browser☆39Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Updated 3 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 5 months ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆30Updated 9 months ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Updated last year
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆55Updated 2 years ago
- A really fast http prober.☆40Updated last year
- Tool to fuzz for interesting vhost.☆23Updated 7 months ago
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Updated last year
- Nuclei template to detect Apache servers vulnerable to CVE-2024-38473☆29Updated last year
- A utility for recursively traversing SSL/TLS certificates for collecting DNS names☆48Updated 2 years ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆60Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Updated last year
- Bcheck scripts for Burp☆29Updated last year
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆20Updated 7 months ago
- vīlicus is a bug bounty api dashboard☆41Updated 2 years ago
- A powerful and clean bash script to dump and extract information from Project Discovery's Chaos Project https://chaos.projectdiscovery.io…☆25Updated 3 years ago
- Demo of various ways to exploit post based reflected XSS☆18Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated last year
- ☆37Updated last year
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆76Updated 2 months ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆53Updated 11 months ago