pyn3rd / Spring-Boot-Vulnerability
☆393Updated 2 years ago
Related projects: ⓘ
- ☆277Updated 2 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆502Updated 7 months ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆548Updated 3 years ago
- jolokia-exploitation-toolkit☆276Updated 5 months ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆343Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆601Updated 6 months ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆701Updated 3 years ago
- When MVC magic turns black☆279Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆581Updated 3 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆159Updated 5 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆772Updated 2 years ago
- DNS rebinding toolkit☆250Updated last year
- JMX enumeration and attacking tool.☆382Updated 5 months ago
- ☆354Updated this week
- Burp Extensions Api☆136Updated last month
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆210Updated this week
- ☆82Updated 3 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆275Updated 3 years ago
- Grafana Unauthorized arbitrary file reading vulnerability☆350Updated last year
- essential templates for kenzer [DEPRECATED]☆106Updated last year
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆509Updated 4 years ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆173Updated 2 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆110Updated 4 years ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆182Updated 3 months ago
- Small Tool written based on chaos from projectdiscovery.io☆163Updated 7 months ago
- ActiveScan++ Burp Suite Plugin☆206Updated 9 months ago
- Burpsuite plugin for Interact.sh☆197Updated 2 months ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…