Alternatives and similar repositories for evilarc

Users that are interested in evilarc are comparing it to the libraries listed below

• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆639Updated last year
• taviso / rbndr
  Simple DNS Rebinding Service
  ☆704Updated 5 years ago
• TarlogicSecurity / Chankro
  Herramienta para evadir disable_functions y open_basedir
  ☆465Updated 2 years ago
• BuffaloWill / oxml_xxe
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,114Updated 10 months ago
• nccgroup / singularity
  A DNS rebinding attack framework.
  ☆1,205Updated 2 weeks ago
• strozfriedberg / PadBuster
  Automated script for performing Padding Oracle attacks
  ☆795Updated last year
• jmdx / TLS-poison
  ☆702Updated 11 months ago
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆610Updated 4 years ago
• PortSwigger / http-request-smuggler
  ☆1,158Updated last month
• 0xacb / viewgen
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆647Updated 9 months ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆660Updated last year
• zigoo0 / JSONBee
  A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
  ☆731Updated last year
• nccgroup / LoggerPlusPlus
  Advanced Burp Suite Logging Extension
  ☆679Updated last year
• 0ang3el / websocket-smuggle
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆381Updated last year
• filedescriptor / untrusted-types
  ☆687Updated 3 years ago
• irsdl / IIS-ShortName-Scanner
  latest version of scanners for IIS short filename (8.3) disclosure vulnerability
  ☆1,587Updated 2 years ago
• BishopFox / h2csmuggler
  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
  ☆760Updated 3 years ago
• PortSwigger / backslash-powered-scanner
  Finds unknown classes of injection vulnerabilities
  ☆706Updated 6 months ago
• nongiach / sudo_inject
  [Linux] Two Privilege Escalation techniques abusing sudo token
  ☆721Updated 6 years ago
• enjoiz / XXEinjector
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,687Updated 11 months ago
• PortSwigger / param-miner
  ☆1,389Updated 2 months ago
• veracode-research / solr-injection
  Apache Solr Injection Research
  ☆578Updated 5 years ago
• incredibleindishell / SSRF_Vulnerable_Lab
  This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
  ☆742Updated 2 years ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆924Updated 3 years ago
• DiogoMRSilva / websitesVulnerableToSSTI
  Simple websites vulnerable to Server Side Template Injections(SSTI)
  ☆407Updated 2 years ago
• jrmdev / mitm_relay
  Hackish way to intercept and modify non-HTTP protocols through Burp & others.
  ☆614Updated last year
• wireghoul / dotdotpwn
  DotDotPwn - The Directory Traversal Fuzzer
  ☆1,094Updated 3 years ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆522Updated 3 years ago
• lucyoa / kernel-exploits
  ☆1,176Updated 8 years ago
• nccgroup / AutoRepeater
  Automated HTTP Request Repeating With Burp Suite
  ☆885Updated 3 years ago