p4k03n4t0r / http-request-smugglingLinks
Blog about HTTP Request Smuggling, including a demo application.
☆29Updated 3 years ago
Alternatives and similar repositories for http-request-smuggling
Users that are interested in http-request-smuggling are comparing it to the libraries listed below
Sorting:
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- ☆21Updated 4 months ago
- Prototype Pollution exploits collection☆35Updated 3 years ago
- ☆166Updated 3 years ago
- Same Origin XSS challenge☆61Updated 3 years ago
- ☆26Updated 2 years ago
- Client-Side Prototype Pollution Tools☆85Updated 3 years ago
- ☆56Updated 3 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆101Updated last month
- A collection of utilities for building extensions using Burp's Montoya API☆51Updated last year
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Updated 7 years ago
- This repo contains solution for ctf challenges☆36Updated 8 months ago
- Security Advisories☆34Updated 3 weeks ago
- A collection of Burp Suite Lambda Filters ~ Bambdas☆28Updated 10 months ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆70Updated 2 years ago
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆36Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆55Updated 3 months ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆110Updated last year
- The following package is the standalone wordlist-only component to flask-unsign.☆39Updated last year
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆51Updated 3 months ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 months ago
- CTF challenges WriteUp☆14Updated 3 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 5 months ago
- PoC + Docker Environment for Python PIL/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509☆59Updated 4 years ago
- Utility for creating ZipSlip archives☆74Updated 2 years ago
- Make better use of the embedded browser that comes by default with Burp☆44Updated last year
- Awesome MXSS ??☆52Updated 10 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆63Updated last year
- DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SS…☆28Updated 4 years ago