incredibleindishell / SSRF_Vulnerable_Lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
☆663Updated last year
Related projects: ⓘ
- List DTDs and generate XXE payloads using those local DTDs.☆601Updated 6 months ago
- Open Redirect Payloads☆571Updated 2 years ago
- Local file inclusion exploitation tool☆767Updated last year
- OSWE Preparation☆554Updated 2 years ago
- Tool to help exploit XXE vulnerabilities☆535Updated last year
- Web App bug hunting☆549Updated 2 months ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆373Updated last year
- A wordlist of API names for web application assessments☆725Updated last year
- HTTP file upload scanner for Burp Proxy☆394Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆772Updated 2 years ago
- 🎯 Open Redirect Payload List☆509Updated 2 months ago
- Fetches javascript file from a list of URLS or subdomains.☆735Updated last year
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,657Updated 4 months ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,209Updated 3 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆686Updated last year
- 🎯 RFI/LFI Payload List☆527Updated 2 months ago
- A Powerful Subdomain Takeover Tool☆919Updated 11 months ago
- Repository for hosting my research papers☆498Updated 5 months ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆398Updated 2 months ago
- A cheatsheet for exploiting server-side SVG processors.☆672Updated 4 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆635Updated 5 years ago
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆441Updated 4 years ago
- HTTP file upload scanner for Burp Proxy☆479Updated 8 months ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆411Updated 3 years ago
- A small tool that extracts relative URLs from a file.☆720Updated 3 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆515Updated 6 years ago
- Generates combination of domain names from the provided input.☆886Updated 2 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,185Updated this week
- Content discovery wordlists generated using BigQuery☆545Updated 4 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆925Updated 2 months ago