orangetw / bug-bounty-referenceLinks
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
☆55Updated 8 years ago
Alternatives and similar repositories for bug-bounty-reference
Users that are interested in bug-bounty-reference are comparing it to the libraries listed below
Sorting:
- YSOSERIAL Integration with burp suite☆166Updated 2 years ago
- Java serialization brute force attack tool.☆123Updated 8 years ago
- CVE-2018-7600 - Drupal 7.x RCE☆72Updated 7 years ago
- Script to test if a server is vulnerable to the JetLeak vulnerability☆144Updated 9 years ago
- ☆162Updated 7 years ago
- ☆232Updated 9 years ago
- Central Repo for Burp extensions☆151Updated 3 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆292Updated 2 years ago
- XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.☆140Updated 6 years ago
- ☆56Updated 8 years ago
- Java deserialization exploitation lab.☆234Updated 6 years ago
- Tool for CVE-2018-16323☆81Updated 6 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Updated 8 years ago
- Spring messaging STOMP protocol RCE☆113Updated 7 years ago
- Utils☆273Updated 9 years ago
- Web Fuzzing Discovery and Attack Pattern Database☆115Updated 7 years ago
- CVE-2018-7600 Drupal RCE☆116Updated 7 years ago
- Security checks pack for Burp Suite☆139Updated 7 years ago
- Web Input Vector Extractor Teaser☆132Updated 3 years ago
- A Java serializer in JavaScript☆81Updated 7 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆34Updated 8 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Updated 7 years ago
- XXE Out of Band Server.☆170Updated 2 years ago
- HTML5 WebSocket message fuzzer☆146Updated 6 years ago
- WebLogic Exploit☆142Updated 7 years ago
- Develop Burp extensions in Jython☆179Updated 8 years ago
- 各种漏洞poc、Exp的收集或编写☆33Updated 9 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Updated 7 years ago
- Cross Site Scripting Payloads -- Variations☆72Updated 4 months ago
- Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and…☆74Updated 7 years ago