A DNS rebinding attack framework.
☆1,270Dec 4, 2025Updated 3 months ago
Alternatives and similar repositories for singularity
Users that are interested in singularity are comparing it to the libraries listed below
Sorting:
- DNS Rebinding Exploitation Framework☆492Apr 27, 2021Updated 4 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆498Oct 2, 2021Updated 4 years ago
- A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)☆657Dec 17, 2021Updated 4 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Prototype Pollution and useful Script Gadgets☆1,601Jan 27, 2024Updated 2 years ago
- ☆705Nov 27, 2024Updated last year
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- DNS rebinding toolkit☆254May 22, 2023Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆957Dec 31, 2021Updated 4 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,063Jan 2, 2024Updated 2 years ago
- Deserialization payload generator for a variety of .NET formatters☆3,689Dec 23, 2024Updated last year
- Automatic SSRF fuzzer and exploitation tool☆3,502Sep 4, 2025Updated 6 months ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,768Sep 29, 2025Updated 5 months ago
- Simple DNS Rebinding Service☆728Jan 16, 2020Updated 6 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,324Apr 18, 2023Updated 2 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,125Apr 21, 2024Updated last year
- The cheat sheet about Java Deserialization vulnerabilities☆3,172May 26, 2023Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆651Feb 21, 2024Updated 2 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,744Feb 16, 2026Updated last month
- A Tool for Domain Flyovers☆5,912May 22, 2022Updated 3 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆659Feb 1, 2025Updated last year
- Reverse proxies cheatsheet☆1,855Nov 4, 2023Updated 2 years ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,250Jan 8, 2026Updated 2 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,435May 1, 2025Updated 10 months ago
- HTTP parameter discovery suite.☆6,142Feb 20, 2025Updated last year
- ☆1,189Jan 21, 2026Updated 2 months ago
- Convolutional neural network for analyzing pentest screenshots☆1,279Mar 8, 2026Updated last week
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,592Feb 8, 2025Updated last year
- ☆563Mar 27, 2025Updated 11 months ago
- A collection of browser-based side channel attack vectors.☆760Mar 19, 2024Updated 2 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆447Sep 7, 2022Updated 3 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,477Jan 9, 2025Updated last year
- A python script that finds endpoints in JavaScript files☆4,300Apr 13, 2024Updated last year
- DNS Takeover tool written in Go☆2,033Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,812Dec 4, 2025Updated 3 months ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆736May 4, 2019Updated 6 years ago