p4k03n4t0r / http-request-smugglingView external linksLinks
Blog about HTTP Request Smuggling, including a demo application.
β32Jan 4, 2022Updated 4 years ago
Alternatives and similar repositories for http-request-smuggling
Users that are interested in http-request-smuggling are comparing it to the libraries listed below
Sorting:
- β29Jan 10, 2023Updated 3 years ago
- An easy to navigate list of unicode characters that have risky transformations π₯β25Mar 22, 2022Updated 3 years ago
- β22Aug 3, 2024Updated last year
- β11Dec 17, 2018Updated 7 years ago
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.β13Oct 15, 2021Updated 4 years ago
- Summary and archive of Vatican .va (Holy See) ccTLD zone data for researchers.β13Apr 26, 2023Updated 2 years ago
- This a Complete tool contained box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some of the people hβ¦β11Apr 16, 2022Updated 3 years ago
- S3 Buckets that will let you list all files inside themβ14Apr 26, 2018Updated 7 years ago
- A modular URL deduplication tool.β19Feb 19, 2025Updated 11 months ago
- β32May 30, 2019Updated 6 years ago
- β21Sep 12, 2025Updated 5 months ago
- A simple utility to fetch freshly updated DNS resolversβ19Feb 17, 2024Updated last year
- Python exploit of cve-2020-7247β25Feb 19, 2020Updated 5 years ago
- β15Feb 5, 2025Updated last year
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.β78Nov 5, 2022Updated 3 years ago
- Automated Recon Tool Installerβ15Jun 29, 2022Updated 3 years ago
- A tool to test working urls.β43Nov 17, 2020Updated 5 years ago
- β19Jun 24, 2021Updated 4 years ago
- cve-2014-0130 rails directory traversal vulnβ19May 15, 2017Updated 8 years ago
- Exploit script for the CFOR vulnerability using Github's GraphQL APIβ23Aug 7, 2024Updated last year
- A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! π»β125Sep 6, 2022Updated 3 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.β50Nov 30, 2018Updated 7 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter spβ¦β21Jan 20, 2025Updated last year
- Detects request smuggling via HTTP/2 downgrades.β94Jul 30, 2022Updated 3 years ago
- Bug Bounty Recon Automation Script -- Scan AWS IP Range Certs for Matching FQDNβ27Sep 17, 2021Updated 4 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internalβ93Nov 21, 2021Updated 4 years ago
- β24Jan 26, 2021Updated 5 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termiβ¦β25Feb 11, 2023Updated 3 years ago
- Make exploiting race conditions in web applications highly efficient and ease-of-use.β27Jun 18, 2025Updated 7 months ago
- β27Aug 5, 2019Updated 6 years ago
- A collection of famous recon public scripts, but in bash <3β29Mar 2, 2021Updated 4 years ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilitiesβ32Jan 17, 2022Updated 4 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID securityβ175Oct 26, 2024Updated last year
- β65Dec 9, 2021Updated 4 years ago
- XSS scanning with Dalfox on Github-actionβ26Nov 26, 2023Updated 2 years ago
- Noobish Recon Automationβ20Feb 15, 2024Updated last year
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).β26May 30, 2021Updated 4 years ago
- A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.β62Nov 17, 2023Updated 2 years ago
- Let's check if your target is vulnerable for client side prototype pollution.β65Jan 9, 2024Updated 2 years ago