nccgroup / requests-racer
Small Python library that makes it easy to exploit race conditions in web apps with Requests.
β158Updated last year
Alternatives and similar repositories for requests-racer:
Users that are interested in requests-racer are comparing it to the libraries listed below
- Predict Mongo ObjectIdsβ127Updated 6 years ago
- π΄ββ οΈ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files π΄ββ οΈβ197Updated 5 years ago
- Automatic tool for DNS rebinding-based SSRF attacksβ297Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.β258Updated 3 years ago
- Code execution via Python package installation.β169Updated 6 years ago
- A natural evolution of Burp Suite's Repeater toolβ194Updated last year
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.β102Updated 6 years ago
- Race Condition frameworkβ268Updated 2 years ago
- Piper Burp Suite Extender pluginβ116Updated 11 months ago
- notes and code on past CTFsβ102Updated 3 years ago
- vulnerable single sign onβ147Updated 6 months ago
- β170Updated 3 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cerβ¦β283Updated last month
- Tool for catching and logging different types of requests.β220Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).β123Updated last year
- Evenly distributes scanner load across targetsβ84Updated 2 years ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains β¦β221Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requestsβ351Updated 6 months ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project contaβ¦β50Updated 7 years ago
- Push notifications for passive DNS dataβ107Updated 8 years ago
- Burp Suite Extension to monitor new scopeβ197Updated 3 years ago
- Everything you need about Burp Extension Generationβ152Updated 2 years ago
- find hardcoded strings from source codeβ273Updated 3 years ago
- Security Testing Scripts for JWTβ311Updated 2 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.β266Updated 2 weeks ago
- Pentest/BugBounty progress control with scanning modulesβ283Updated 4 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.β467Updated 5 years ago
- Python automation of Docker.sock abuseβ211Updated 2 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.β347Updated 2 years ago
- secretz, minimizing the large attack surface of Travis CIβ325Updated 2 years ago