jackfromeast / TheHulkLinks
TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.
☆41Updated last week
Alternatives and similar repositories for TheHulk
Users that are interested in TheHulk are comparing it to the libraries listed below
Sorting:
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆51Updated last year
- Awesome MXSS ??☆52Updated 10 months ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆70Updated last year
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆26Updated 4 months ago
- How effective are LLMs in identifying and exploiting security vulnerabilities?☆59Updated 5 months ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆41Updated 7 months ago
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆113Updated last year
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆18Updated last year
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆111Updated 7 months ago
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆17Updated 10 months ago
- ☆21Updated 4 months ago
- PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Iv…☆45Updated 6 months ago
- Chrome Renderer 1day RCE via Type Confusion in Async Stack Trace (v8ctf submission)☆79Updated last year
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆67Updated last year
- a repository of all the CTF challenges I've made for public events☆53Updated last week
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Updated last year
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated last year
- ☆70Updated last month
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆101Updated last month
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE☆92Updated 5 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆196Updated 6 months ago
- CVE-2023-33733 reportlab RCE☆119Updated last year
- Same Origin XSS challenge☆61Updated 3 years ago
- Artifact for ICSE 2023☆49Updated 2 years ago
- public archive for corCTF 2022☆35Updated 2 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- ☆26Updated last year
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆93Updated 7 months ago
- ☆17Updated 2 years ago