jzheaux / spel-injectionLinks
An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition
☆28Updated 7 years ago
Alternatives and similar repositories for spel-injection
Users that are interested in spel-injection are comparing it to the libraries listed below
Sorting:
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 10 months ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- ☆36Updated last week
- Enhanced 403 bypass header☆21Updated 2 years ago
- vīlicus is a bug bounty api dashboard☆41Updated last year
- ☆20Updated 2 weeks ago
- URL scanner for recon, vulnerabilities, secrets and more!☆12Updated 3 years ago
- Bcheck scripts for Burp☆28Updated 10 months ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 3 months ago
- tool that generates bypasses for open redirects☆52Updated 3 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Updated 3 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆71Updated 3 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated last year
- ☆11Updated 3 years ago
- A collection of Burp Suite Lambda Filters ~ Bambdas☆26Updated 8 months ago
- Results from analyzing data gathered from 1.6 billion subdomains☆27Updated 8 months ago
- ☆19Updated 3 months ago
- A simple utility to generate domain names with all possible TLDs☆23Updated 2 years ago
- ☆37Updated last year
- ☆63Updated 2 years ago
- ☆94Updated 3 years ago
- Chameleon Wordlists☆16Updated 2 years ago
- ☆26Updated 2 years ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Updated 9 months ago
- ☆33Updated 4 years ago
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆55Updated 2 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆20Updated 5 months ago
- My gfPatterns☆15Updated 3 years ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆44Updated last year
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆32Updated 2 years ago