raverrr/plution

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/raverrr/plution)

raverrr / plution

Prototype pollution scanner using headless chrome

☆218

Alternatives and similar repositories for plution

Users that are interested in plution are comparing it to the libraries listed below

Sorting:

msrkp / PPScan
View on GitHub
Client Side Prototype Pollution Scanner
☆523Sep 17, 2022Updated 3 years ago
neex / http2smugl
View on GitHub
☆562Mar 27, 2025Updated 11 months ago
Hackmanit / Web-Cache-Vulnerability-Scanner
View on GitHub
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…
☆1,153Jan 21, 2026Updated last month
Abdulrahman-Kamel / dpfilter
View on GitHub
BugBounty , sort and delete duplicates param value without missing original value
☆22Jul 31, 2021Updated 4 years ago
kleiton0x00 / ppmap
View on GitHub
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
☆518Jun 22, 2022Updated 3 years ago
NitinYadav00 / My-Nuclei-Templates
View on GitHub
Nuclei Templates - Here you will find the templates I use while hunting
☆120Sep 27, 2021Updated 4 years ago
Sh1Yo / x8
View on GitHub
Hidden parameters discovery suite
☆2,027Sep 8, 2024Updated last year
NagliNagli / Shockwave-OSS
View on GitHub
☆756Jun 26, 2024Updated last year
dwisiswant0 / ppfuzz
View on GitHub
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
☆659Aug 28, 2025Updated 6 months ago
clarkvoss / AEM-List
View on GitHub
☆96Oct 1, 2021Updated 4 years ago
daffainfo / Key-Checker
View on GitHub
Go scripts for checking API key / access token validity
☆221Aug 3, 2021Updated 4 years ago
R0X4R / bhedak
View on GitHub
A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
☆109Mar 1, 2022Updated 4 years ago
ferreiraklet / airixss
View on GitHub
Finding XSS during recon
☆273Sep 13, 2022Updated 3 years ago
payloadartist / recon
View on GitHub
NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.
☆78Nov 5, 2022Updated 3 years ago
ethicalhackingplayground / TProxer
View on GitHub
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
☆184Nov 22, 2021Updated 4 years ago
assetnote / batchql
View on GitHub
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
☆406Dec 24, 2022Updated 3 years ago
Static-Flow / BurpSuiteAutoRepeaterNaming
View on GitHub
This extension replaces the default repeater tab name with the URL path of the repeater request.
☆24Sep 3, 2021Updated 4 years ago
MindPatch / lorsrf
View on GitHub
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
☆297Sep 22, 2024Updated last year
ambalabanov / cswsh-scanner
View on GitHub
Scanner for Cross-Site WebSocket Hijacking
☆41Feb 19, 2026Updated last week
bp0lr / gauplus
View on GitHub
☆299Jul 16, 2022Updated 3 years ago
KathanP19 / protoscan
View on GitHub
Prototype Pollution Scanner
☆139Apr 11, 2021Updated 4 years ago
wfinn / redirex
View on GitHub
tool that generates bypasses for open redirects
☆51Apr 18, 2022Updated 3 years ago
geeknik / nuclei-template-generator
View on GitHub
A simple tool which makes creating nuclei templates even easier.
☆36Jun 23, 2024Updated last year
KathanP19 / JSFScan.sh
View on GitHub
Automation for javascript recon in bug bounty.
☆1,069Sep 9, 2023Updated 2 years ago
optiv / mobile-nuclei-templates
View on GitHub
☆436Jun 1, 2021Updated 4 years ago
yavolo / eventlistener-xss-recon
View on GitHub
☆148Dec 23, 2022Updated 3 years ago
root4loot / rescope
View on GitHub
Bugbounty scope tool
☆332Mar 5, 2025Updated 11 months ago
BlackFan / client-side-prototype-pollution
View on GitHub
Prototype Pollution and useful Script Gadgets
☆1,584Jan 27, 2024Updated 2 years ago
In3tinct / Taken
View on GitHub
Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.
☆93Jul 9, 2025Updated 7 months ago
Damian89 / extended-ssrf-search
View on GitHub
Smart ssrf scanner using different methods like parameter brute forcing in post and get...
☆279Feb 11, 2021Updated 5 years ago
ksharinarayanan / SSRFire
View on GitHub
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
☆970Dec 8, 2021Updated 4 years ago
rook1337 / hakrawlerx8chain
View on GitHub
☆13Jul 12, 2021Updated 4 years ago
w9w / JSA
View on GitHub
Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
☆559Mar 8, 2025Updated 11 months ago
xm1k3 / cent
View on GitHub
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
☆1,039Aug 23, 2025Updated 6 months ago
hahwul / RegexPassive
View on GitHub
🔭 Collection of regexp pattern for security passive scanning
☆116Feb 18, 2023Updated 3 years ago
Leoid / MatchandReplace
View on GitHub
Match and Replace script used to automatically generate JSON option file to BurpSuite
☆215May 13, 2019Updated 6 years ago
Sachin-v3rma / Astra
View on GitHub
Astra is a tool to find URLs and secrets inside a webpage/files
☆212Mar 14, 2023Updated 2 years ago
0xTeles / jsleak
View on GitHub
a Go code to detect leaks in JS files via regex patterns
☆150Oct 20, 2021Updated 4 years ago
visma-prodsec / confused
View on GitHub
Tool to check for dependency confusion vulnerabilities in multiple package management systems
☆778Aug 19, 2024Updated last year