httpvoid / writeups
☆1,177Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for writeups
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,813Updated 10 months ago
- ☆741Updated 4 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆803Updated 2 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆934Updated 4 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,211Updated last month
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,221Updated 3 years ago
- 🐛 A list of writeups from the Google VRP Bug Bounty program☆1,144Updated 2 months ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆871Updated this week
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆945Updated 2 years ago
- This script grab public report from hacker one and make some folders with poc videos☆873Updated last year
- declutters url lists for crawling/pentesting☆1,178Updated last week
- A repository that includes all the important wordlists used while bug hunting.☆1,196Updated last year
- Payload Arsenal for Pentration Tester and Bug Bounty Hunters☆891Updated last year
- Community curated list of public bug bounty and responsible disclosure programs.☆1,044Updated this week
- ☆989Updated 2 years ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙☆1,707Updated 5 months ago
- Because just a dark theme wasn't enough!☆550Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,246Updated 3 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,054Updated 9 months ago
- ☆654Updated 2 years ago
- 🎯 XML External Entity (XXE) Injection Payload List☆1,091Updated 3 months ago
- XSS payloads designed to turn alert(1) into P1☆1,339Updated last year
- Prototype Pollution and useful Script Gadgets☆1,399Updated 9 months ago
- Automated & Manual Wordlists provided by Assetnote☆1,311Updated 3 months ago
- A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.☆873Updated 10 months ago
- BBT - Bug Bounty Tools (examples💡)☆1,715Updated 7 months ago
- Electron JS Browser To Find XSS Vulnerabilities Automatically☆684Updated 3 years ago
- bypass-url-parser☆1,018Updated last week
- Rockyou for web fuzzing☆2,608Updated 2 months ago
- A tool for adding new lines to files, skipping duplicates☆1,375Updated 9 months ago