Alternatives and similar repositories for http-request-smuggling

Users that are interested in http-request-smuggling are comparing it to the libraries listed below

• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆83Updated 2 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• MrTuxracer / advisories
  Security Advisories
  ☆35Updated last month
• terjanq / same-origin-xss
  Same Origin XSS challenge
  ☆64Updated 3 years ago
• bytehope / wwe
  ☆25Updated 8 months ago
• ariary / HTTPCustomHouse
  HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
  ☆35Updated 3 years ago
• hackvertor / shadow-repeater
  ☆41Updated 3 weeks ago
• msrkp / MXSS
  Awesome MXSS ??
  ☆55Updated last year
• zeyu2001 / My-CTF-Challenges
  Challenges I wrote for various CTF competitions
  ☆45Updated last year
• GoSecure / request-smuggling-workshop
  ☆27Updated 2 years ago
• doyensec / protoburp
  Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages
  ☆36Updated 2 years ago
• jzheaux / spel-injection
  An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition
  ☆28Updated 7 years ago
• CoreyD97 / Burp-Montoya-Utilities
  A collection of utilities for building extensions using Burp's Montoya API
  ☆52Updated last month
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• Kirill89 / prototype-pollution-exploits
  Prototype Pollution exploits collection
  ☆35Updated 4 years ago
• Hakumarachi / WriteUp
  CTF challenges WriteUp
  ☆14Updated 3 years ago
• strellic / my-ctf-challenges
  a repository of all the CTF challenges I've made for public events
  ☆58Updated 4 months ago
• roughiz / lfito_rce
  LFI to RCE via phpinfo() assistance or via controlled log file
  ☆72Updated 2 years ago
• xscorp / jsmug
  A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
  ☆114Updated last year
• yuriisanin / svg2raster-cheatsheet
  A cheatsheet for exploiting server-side SVG rasterization.
  ☆30Updated 3 years ago
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆57Updated 2 months ago
• NightBloodz / CVE-2025-4123
  Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSRF
  ☆51Updated 4 months ago
• bahruzjabiyev / gudifu-fuzzer
  Guided Differential Fuzzing for HTTP Request Parsing Discrepancies
  ☆20Updated last year
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆62Updated 6 months ago
• yo-yo-yo-jbo / android_webview_security
  Android webviews and securiy
  ☆23Updated 2 months ago
• 254Labs / awesome-bambdas
  A collection of Burp Suite Lambda Filters ~ Bambdas
  ☆29Updated last year
• neex / ghostinthepdf
  ☆169Updated 4 years ago
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆34Updated 9 months ago
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆107Updated 5 months ago
• pry0cc / nmap-to-ports
  Pipe nmap verbose output to a usable format for httpx or host:port notation.
  ☆17Updated 3 years ago