Blog about HTTP Request Smuggling, including a demo application.
☆32Jan 4, 2022Updated 4 years ago
Alternatives and similar repositories for http-request-smuggling
Users that are interested in http-request-smuggling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆29Jan 10, 2023Updated 3 years ago
- Resources to learn about Insecure Deserialization☆17Jul 12, 2024Updated last year
- An easy to navigate list of unicode characters that have risky transformations 💥☆25Mar 22, 2022Updated 4 years ago
- A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻☆124Sep 6, 2022Updated 3 years ago
- async parser for JET☆25Nov 14, 2025Updated 4 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Challenge source code and author write-ups for KalmarCTF☆70Jan 7, 2026Updated 2 months ago
- ☆22Aug 3, 2024Updated last year
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.☆13Oct 15, 2021Updated 4 years ago
- ☆21Sep 12, 2025Updated 6 months ago
- Writeup for the challenges in H@cktivityCon CTF 2020☆17Aug 6, 2020Updated 5 years ago
- ☆22Dec 1, 2025Updated 3 months ago
- Summary and archive of Vatican .va (Holy See) ccTLD zone data for researchers.☆13Apr 26, 2023Updated 2 years ago
- Examples of simple code patterns causing BOF☆14Apr 10, 2020Updated 5 years ago
- ☆11Dec 17, 2018Updated 7 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- cve-2014-0130 rails directory traversal vuln☆18May 15, 2017Updated 8 years ago
- This a Complete tool contained box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some of the people h…☆11Apr 16, 2022Updated 3 years ago
- ☆28Updated this week
- S3 Buckets that will let you list all files inside them☆14Apr 26, 2018Updated 7 years ago
- GDB plugin to dump SECCOMP rules set via prctnl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER)☆22Mar 13, 2016Updated 10 years ago
- Security challenges and CTFs created by the Penultimate team.☆14Feb 22, 2018Updated 8 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- Kernel PWN Tooklkit aimed mainly for CTF players☆18Jul 31, 2024Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆35Sep 23, 2022Updated 3 years ago
- ☆60Oct 9, 2024Updated last year
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Nov 5, 2022Updated 3 years ago
- ☆32May 30, 2019Updated 6 years ago
- Magisk module that adds the Burp certificate to the system's root CA store☆21Sep 3, 2023Updated 2 years ago
- ☆19Jun 24, 2021Updated 4 years ago
- A modular URL deduplication tool.☆19Feb 19, 2025Updated last year
- A script to detect stack-strings by using emulation (leveraging Unicorn)☆35Dec 6, 2025Updated 3 months ago
- Online test is available 👉☆12Mar 17, 2026Updated last week
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A simple utility to fetch freshly updated DNS resolvers☆19Feb 17, 2024Updated 2 years ago
- CVE-2022-36946 linux kernel panic in netfilter_queue☆22Jun 21, 2024Updated last year
- PHP 8 Sandbox Escape☆71Feb 28, 2026Updated last month
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆50Nov 30, 2018Updated 7 years ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities☆31Jan 17, 2022Updated 4 years ago
- This repository contains the mobile Proof of Concept (POC) tester for CTF challenges. The POC tester is a web application that allows use…☆20Oct 3, 2025Updated 5 months ago
- Automated Recon Tool Installer☆16Jun 29, 2022Updated 3 years ago