POC in order to materialize CSRF prevention concepts described in the following OWASP CSRF cheatsheet
☆30May 25, 2017Updated 8 years ago
Alternatives and similar repositories for poc-csrf
Users that are interested in poc-csrf are comparing it to the libraries listed below
Sorting:
- Provide some tips to handle Injection into application code (OWASP TOP 10 - A1).☆10Nov 11, 2020Updated 5 years ago
- Template repo for Conjur repositories☆17Nov 3, 2025Updated 4 months ago
- Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator☆20Jan 7, 2026Updated last month
- A collection of http fuzzing python scripts to fuzz HTTP servers for bugs.☆16Oct 1, 2023Updated 2 years ago
- ☆13Oct 15, 2018Updated 7 years ago
- ☆16Apr 21, 2023Updated 2 years ago
- A proof of concept project that demonstrates oWASP.org's top 10 web vulnerabilities☆21Jun 22, 2015Updated 10 years ago
- ☆30Sep 5, 2025Updated 5 months ago
- Scapy Penetration testing scripts☆21May 26, 2015Updated 10 years ago
- Bybit API client library for Go (ByBit API connector)☆10Dec 19, 2025Updated 2 months ago
- 💣 REST and SOAP web API fuzzer☆25May 17, 2016Updated 9 years ago
- ☆14Jan 13, 2026Updated last month
- ☆35Jan 4, 2026Updated 2 months ago
- ☆10Sep 24, 2021Updated 4 years ago
- Proof of concept written in Python to show that in some situations a SSRF vulnerability can be used to steal NTLMv1/v2 hashes.☆57Dec 18, 2017Updated 8 years ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆40Nov 21, 2021Updated 4 years ago
- A tampered payload generator to Fuzz Web Application Firewalls☆34Nov 4, 2019Updated 6 years ago
- Final year project in Magshimim, focusing on Python development and Web Exploitation.☆10Apr 29, 2023Updated 2 years ago
- ☆10Mar 6, 2023Updated 2 years ago
- Slides, collaboration doc, and code building a recommendation system example presented in a meetup talks☆14Sep 24, 2020Updated 5 years ago
- ☆14Feb 19, 2023Updated 3 years ago
- Metasploit framework via HTTP services☆10Jul 31, 2021Updated 4 years ago
- ☆10Mar 11, 2024Updated last year
- Jenkins WebInspect Plugin Publisher provides the ability to upload a WebInspect scan file, from your Jenkins server to your Fortify Softw…☆11Dec 23, 2025Updated 2 months ago
- The 802.11 Hacking Repo.☆41Aug 10, 2015Updated 10 years ago
- LFI/RFI Payload Tests Project☆36Oct 21, 2019Updated 6 years ago
- 基于 ajaxfileupload.js 文件的增强版 ajaxfileupload.js☆11Apr 8, 2019Updated 6 years ago
- This repository is related to specialized books published by the THB team.☆20Aug 13, 2025Updated 6 months ago
- Priv8 Tools Software Mass Dork Auto Exploit.☆13Feb 1, 2023Updated 3 years ago
- An patch porting qwingraph (wingraph written in qt4) to qt5.☆10Aug 21, 2019Updated 6 years ago
- Converts burp's sitemap to sulley's fuzzing script☆11Aug 30, 2015Updated 10 years ago
- Enable Falco to read audit logs from EKS☆11Dec 13, 2020Updated 5 years ago
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04☆13Oct 16, 2018Updated 7 years ago
- Script to check Azure Front Door WAF for insecure RemoteAddr variable☆27Jul 11, 2025Updated 7 months ago
- OWASP Web Security Testing Guide RAG system with ChromaDB, MCP for Claude Code☆17Dec 11, 2025Updated 2 months ago
- ☆14Jun 27, 2022Updated 3 years ago
- gRPC / gRPC-Web Pentest Practicing Lab☆10Aug 29, 2023Updated 2 years ago
- ☆14Mar 8, 2021Updated 4 years ago