jmdx / TLS-poison
☆684Updated last year
Related projects: ⓘ
- ☆647Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆772Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆331Updated last month
- List DTDs and generate XXE payloads using those local DTDs.☆601Updated 6 months ago
- Client Side Prototype Pollution Scanner☆507Updated 2 years ago
- ☆527Updated 9 months ago
- Simple DNS Rebinding Service☆613Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆581Updated 3 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆663Updated last year
- ☆950Updated 9 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆502Updated 7 months ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆637Updated 2 years ago
- DNS rebinding toolkit☆250Updated last year
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆343Updated last year
- Advanced Burp Suite Logging Extension☆619Updated 3 months ago
- Apache Solr Injection Research☆569Updated 4 years ago
- A simple SSRF-testing sheriff written in Go☆310Updated 5 months ago
- Lesser Known Web Attack Lab☆327Updated 4 years ago
- Content-Type Research☆464Updated 7 months ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆351Updated 2 years ago
- HTTP file upload scanner for Burp Proxy☆394Updated last year
- Create tar/zip archives that can exploit directory traversal vulnerabilities☆967Updated 3 years ago
- A DNS rebinding attack framework.☆1,018Updated 3 months ago
- Automated HTTP Request Repeating With Burp Suite☆839Updated 2 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆577Updated last year
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆398Updated 2 months ago
- Fetches javascript file from a list of URLS or subdomains.☆735Updated last year
- Tool to help exploit XXE vulnerabilities☆535Updated last year
- Quickly Search Large DNS Datasets☆578Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,785Updated 8 months ago