msrkp / MXSS
Awesome MXSS ??
☆45Updated last month
Related projects ⓘ
Alternatives and complementary repositories for MXSS
- A collection of Server-Side Prototype Pollution gadgets and exploits☆133Updated 2 months ago
- ☆65Updated last month
- Challenges I wrote for various CTF competitions☆39Updated 3 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆104Updated 4 months ago
- Some tips for Bug Bounty using LibreOffice☆32Updated 3 months ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆29Updated 2 weeks ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- Same Origin XSS challenge☆56Updated 2 years ago
- ☆55Updated last year
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆60Updated 3 months ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆116Updated last week
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆55Updated last week
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆40Updated last year
- a repository of all the CTF challenges I've made for public events☆47Updated last year
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆43Updated this week
- PP-finder Help you find gadget for prototype pollution exploitation☆138Updated 3 months ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆74Updated 5 months ago
- Here i will post my writeups :)☆31Updated last year
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆112Updated 7 months ago
- Useful configurations for the DomLogger++ extension☆30Updated 2 months ago
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆86Updated 9 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆52Updated 5 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆85Updated 7 months ago
- CVE-2023-33733 reportlab RCE☆112Updated last year
- A better way of querying certificate transparency logs☆76Updated last year
- unleashed ffuf☆95Updated 4 months ago
- ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com☆21Updated last year
- ☆87Updated 11 months ago
- All challenges from DiceCTF 2023☆69Updated last year
- Header Exploitation HTTP☆142Updated this week