justinsteven / advisories

Related projects ⓘ

Alternatives and complementary repositories for advisories

• ettic-team / dnsbin
  The request.bin of DNS request
  ☆231Updated 6 years ago
• mazen160 / struts-pwn_CVE-2018-11776
  An exploit for Apache Struts CVE-2018-11776
  ☆301Updated 6 years ago
• orangetw / Tiny-URL-Fuzzer
  A tiny and cute URL fuzzer
  ☆387Updated 2 years ago
• PortSwigger / collaborator-everywhere
  A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by caus…
  ☆425Updated 11 months ago
• moloch-- / CSP-Bypass
  A Burp Plugin for Detecting Weaknesses in Content Security Policies
  ☆163Updated last year
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆366Updated 3 years ago
• albinowax / ActiveScanPlusPlus
  ActiveScan++ Burp Suite Plugin
  ☆586Updated 2 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆482Updated 3 years ago
• nccgroup / CrossSiteContentHijacking
  Content hijacking proof-of-concept using Flash, PDF and Silverlight
  ☆381Updated 5 years ago
• cyrus-and / mysql-unsha1
  Authenticate against a MySQL server without knowing the cleartext password
  ☆223Updated 2 years ago
• nccgroup / shocker
  A tool to find and exploit servers vulnerable to Shellshock
  ☆333Updated last year
• brannondorsey / dns-rebind-toolkit
  A front-end JavaScript toolkit for creating DNS rebinding attacks.
  ☆485Updated 3 years ago
• taviso / rbndr
  Simple DNS Rebinding Service
  ☆627Updated 4 years ago
• nccgroup / freddy
  Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
  ☆573Updated 3 years ago
• mazen160 / struts-pwn_CVE-2017-9805
  An exploit for Apache Struts CVE-2017-9805
  ☆249Updated 7 years ago
• Coalfire-Research / java-deserialization-exploits
  A collection of curated Java Deserialization Exploits
  ☆590Updated 3 years ago
• ewilded / shelling
  SHELLING - a comprehensive OS command injection payload generator
  ☆438Updated 4 years ago
• orf / xcat
  XPath injection tool
  ☆367Updated last year
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆423Updated 4 years ago
• kacperszurek / exploits
  ☆259Updated 5 years ago
• mpgn / ByP-SOP
  🏴‍☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴‍☠️
  ☆196Updated 5 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆634Updated 5 years ago
• SecurityInnovation / AuthMatrix
  AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
  ☆614Updated 8 months ago
• devoteam-cybertrust / burpcollaborator-docker
  This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…
  ☆280Updated 4 months ago
• evilpacket / DVCS-Pillage
  Pillage web accessible GIT, HG and BZR repositories
  ☆314Updated 7 years ago
• mazen160 / server-status_PWN
  A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…
  ☆431Updated 3 years ago
• cure53 / browser-sec-whitepaper
  Cure53 Browser Security White Paper
  ☆286Updated 6 years ago
• bcoles / ssrf_proxy
  SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
  ☆444Updated 6 years ago
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆218Updated 2 years ago
• h3xstream / http-script-generator
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆289Updated last year