jzheaux / spel-injection
An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition
☆26Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for spel-injection
- tool that generates bypasses for open redirects☆48Updated 2 years ago
- ☆23Updated last year
- Bcheck scripts for Burp☆23Updated 3 months ago
- ☆19Updated 2 months ago
- Make better use of the embedded browser that comes by default with Burp☆39Updated 10 months ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆61Updated 2 years ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆39Updated 5 months ago
- Additional nuclei templates☆34Updated last year
- A powerful Burp extension to make bounty rain☆14Updated 2 years ago
- vīlicus is a bug bounty api dashboard☆39Updated last year
- ☆55Updated last year
- Some of the gf patterns which i use☆38Updated 2 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆33Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 2 years ago
- Chameleon Wordlists☆14Updated 2 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆35Updated 2 years ago
- ☆33Updated 4 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Updated 3 years ago
- ☆33Updated 3 years ago
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆53Updated last year
- URL scanner for recon, vulnerabilities, secrets and more!☆12Updated 3 years ago
- A simple utility to generate domain names with all possible TLDs☆23Updated last year
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆24Updated last year
- ☆36Updated 4 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated last year
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.☆37Updated 2 years ago
- ☆26Updated 2 years ago
- ☆10Updated 2 years ago
- Dependency Confusion Security Testing Tool☆39Updated 2 years ago