HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project contact me for private repository access with more tests.
☆49Dec 2, 2017Updated 8 years ago
Alternatives and similar repositories for HTTPWookiee
Users that are interested in HTTPWookiee are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Request Smuggling Firewall☆52Jul 20, 2020Updated 5 years ago
- ☆15May 23, 2019Updated 6 years ago
- CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion☆18Mar 3, 2021Updated 5 years ago
- ☆35Nov 2, 2022Updated 3 years ago
- ☆10Apr 6, 2016Updated 9 years ago
- ☆13Oct 3, 2023Updated 2 years ago
- ☆13May 16, 2019Updated 6 years ago
- LDAP Injection Vulnerability Application(Blog Sample Code)☆22Oct 4, 2018Updated 7 years ago
- Try to detect HTTP desync attack (https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn)☆11Sep 20, 2019Updated 6 years ago
- My CTF Challenges. No one plays.☆13Dec 4, 2022Updated 3 years ago
- BurpSuite Pro Python Extension☆18Jul 11, 2013Updated 12 years ago
- Security test tool for Blind XSS☆26Mar 5, 2020Updated 6 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- CVE-2021-2109 && Weblogic Server RCE via JNDI☆31Jan 22, 2021Updated 5 years ago
- CVE-2019-6467 (BIND nxdomain-redirect)☆26Apr 25, 2019Updated 6 years ago
- laravel 5.8 rce pop chain☆26Oct 27, 2019Updated 6 years ago
- ☆15Jan 2, 2019Updated 7 years ago
- justCTF 2019 challenges sources☆41Jun 9, 2021Updated 4 years ago
- CVE-2020-8840:FasterXML/jackson-databind 远程代码执行漏洞☆37Feb 24, 2020Updated 6 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Mar 2, 2020Updated 6 years ago
- CVE-2020-11651: Proof of Concept☆40Jul 7, 2021Updated 4 years ago
- ☆1,189Jan 21, 2026Updated 2 months ago
- Magento shoplift exploit is vulnerability which was discovered by CheckPoint team (http://blog.checkpoint.com/2015/04/20/analyzing-magent…☆13Aug 25, 2015Updated 10 years ago
- PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Or…☆96Jul 21, 2020Updated 5 years ago
- notorious BIG IP☆15Aug 8, 2019Updated 6 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- ☆51Jul 20, 2020Updated 5 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- ☆28Jun 7, 2022Updated 3 years ago
- ☆563Mar 27, 2025Updated 11 months ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Sep 20, 2019Updated 6 years ago
- 利用 webshell 创建交互式终端(Create an interactive terminal with webshell.)☆57Sep 22, 2019Updated 6 years ago
- Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.☆22May 9, 2023Updated 2 years ago
- My CTF & Bug Bounty writups☆26Apr 30, 2019Updated 6 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆114Jan 15, 2021Updated 5 years ago
- Exploit code developed/reproduced by me☆89Jan 25, 2023Updated 3 years ago
- CVE-2020-5837 exploit☆42May 13, 2020Updated 5 years ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing☆91May 10, 2020Updated 5 years ago