jzheaux / spel-injectionLinks
An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition
☆28Updated 7 years ago
Alternatives and similar repositories for spel-injection
Users that are interested in spel-injection are comparing it to the libraries listed below
Sorting:
- ☆94Updated 3 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 months ago
- Make better use of the embedded browser that comes by default with Burp☆44Updated last year
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Updated 3 years ago
- ☆26Updated 2 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆36Updated 2 years ago
- Bcheck scripts for Burp☆29Updated last year
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆55Updated 2 years ago
- ☆63Updated 2 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 5 months ago
- vīlicus is a bug bounty api dashboard☆41Updated last year
- Web cache poisoning vulnerability scanner.☆72Updated 3 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆51Updated last year
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆44Updated last year
- ☆37Updated last month
- This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…☆79Updated last year
- BurpSuite extension to convert requests into bcheck scripts☆33Updated 2 years ago
- A collection of Burp Suite Lambda Filters ~ Bambdas☆28Updated 10 months ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆60Updated 2 years ago
- Server and avi file to exploit FFmpeg HLS parse☆21Updated 6 years ago
- Stay within program scope☆37Updated 2 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆60Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆63Updated 2 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Updated 3 years ago
- ☆166Updated 3 years ago
- Security Advisories☆34Updated last month
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆53Updated 5 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆55Updated 9 months ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆20Updated 6 months ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 11 months ago