p4k03n4t0r / http-request-smuggling
Blog about HTTP Request Smuggling, including a demo application.
☆24Updated 3 years ago
Alternatives and similar repositories for http-request-smuggling:
Users that are interested in http-request-smuggling are comparing it to the libraries listed below
- Same Origin XSS challenge☆56Updated 2 years ago
- ☆25Updated 2 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated 2 years ago
- A collection of Burp Suite Lambda Filters ~ Bambdas☆26Updated 6 months ago
- A collection of utilities for building extensions using Burp's Montoya API☆47Updated 9 months ago
- Simple taint analyzer for PHP/WordPress using VKCOM/php-parser☆18Updated 2 years ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆62Updated 2 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆84Updated 4 months ago
- CTF challenges WriteUp☆14Updated 2 years ago
- This repo contains solution for ctf challenges☆34Updated 4 months ago
- Awesome MXSS ??☆48Updated 6 months ago
- Utility for creating ZipSlip archives☆72Updated 2 years ago
- Prototype Pollution exploits collection☆32Updated 3 years ago
- tetctf2020_amf_writeups☆23Updated 4 years ago
- CVE-2022-21907 Vulnerability PoC☆27Updated 3 years ago
- ☆160Updated 3 years ago
- The following package is the standalone wordlist-only component to flask-unsign.☆38Updated 9 months ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- ☆50Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆48Updated 4 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆39Updated 4 months ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated last year
- ☆56Updated 3 years ago
- WordPress - Authenticated XXE (CVE-2021-29447)☆42Updated 3 years ago
- This repository is an interactive collection of my solutions to various XSS challenges.☆12Updated 4 years ago
- A cheatsheet for exploiting server-side SVG rasterization.☆30Updated 2 years ago
- ☆39Updated 2 months ago
- Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell☆21Updated 3 years ago
- ☆13Updated 3 weeks ago