Alternatives and similar repositories for evilarc

Users that are interested in evilarc are comparing it to the libraries listed below

• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆645Updated last year
• taviso / rbndr
  Simple DNS Rebinding Service
  ☆714Updated 5 years ago
• TarlogicSecurity / Chankro
  Herramienta para evadir disable_functions y open_basedir
  ☆484Updated 2 years ago
• nccgroup / singularity
  A DNS rebinding attack framework.
  ☆1,239Updated last month
• PortSwigger / http-request-smuggler
  ☆1,173Updated 3 months ago
• BuffaloWill / oxml_xxe
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,123Updated last year
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆612Updated 4 years ago
• jmdx / TLS-poison
  ☆709Updated last year
• irsdl / IIS-ShortName-Scanner
  latest version of scanners for IIS short filename (8.3) disclosure vulnerability
  ☆1,614Updated 2 years ago
• 0xacb / viewgen
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆656Updated 11 months ago
• strozfriedberg / PadBuster
  Automated script for performing Padding Oracle attacks
  ☆801Updated last year
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆669Updated last year
• enjoiz / XXEinjector
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,697Updated last year
• BishopFox / h2csmuggler
  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
  ☆770Updated 3 years ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆940Updated 4 years ago
• RenwaX23 / XSS-Payloads
  List of XSS Vectors/Payloads
  ☆1,354Updated last year
• PortSwigger / param-miner
  ☆1,399Updated last week
• zigoo0 / JSONBee
  A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
  ☆737Updated last year
• nccgroup / LoggerPlusPlus
  Advanced Burp Suite Logging Extension
  ☆686Updated last year
• PortSwigger / backslash-powered-scanner
  Finds unknown classes of injection vulnerabilities
  ☆704Updated 8 months ago
• filedescriptor / untrusted-types
  ☆695Updated 3 years ago
• incredibleindishell / SSRF_Vulnerable_Lab
  This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
  ☆745Updated 2 years ago
• DiogoMRSilva / websitesVulnerableToSSTI
  Simple websites vulnerable to Server Side Template Injections(SSTI)
  ☆414Updated 2 years ago
• nongiach / sudo_inject
  [Linux] Two Privilege Escalation techniques abusing sudo token
  ☆729Updated 6 years ago
• 0ang3el / websocket-smuggle
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆388Updated last year
• allanlw / svg-cheatsheet
  A cheatsheet for exploiting server-side SVG processors.
  ☆787Updated 5 years ago
• nccgroup / AutoRepeater
  Automated HTTP Request Repeating With Burp Suite
  ☆890Updated 4 years ago
• wireghoul / dotdotpwn
  DotDotPwn - The Directory Traversal Fuzzer
  ☆1,103Updated 3 years ago
• veracode-research / solr-injection
  Apache Solr Injection Research
  ☆580Updated 5 years ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,476Updated last year