ropnop / xxetimes
An interactive OOB XXE data exfiltration tool
☆90Updated 7 years ago
Related projects: ⓘ
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆136Updated 3 years ago
- Fuzzing for LFI using Burpsuite☆58Updated 7 years ago
- XSS Hunter Burp Plugin☆148Updated 6 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Updated 6 years ago
- A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commo…☆46Updated 2 years ago
- ☆41Updated 4 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆45Updated 11 years ago
- siberas JMX exploitation toolkit☆127Updated last year
- A tool that can take a URL or list of URL and prints back SAML consume URL.☆36Updated 5 years ago
- Burp Suite Importer - Connect to multiple web servers while populating the sitemap.☆48Updated 4 years ago
- Simple Server Side Request Forgery services enumeration tool.☆54Updated 6 years ago
- A Burp Extension designed to identify argument injection vulnerabilities.☆115Updated 5 years ago
- Java serialization brute force attack tool.☆123Updated 7 years ago
- Python script to exploit java unserialize on t3 (Weblogic)☆61Updated 7 years ago
- Local File Inclusion Exploitation Tool (mirror)☆121Updated 7 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆171Updated 4 years ago
- Used for the osce exam preparation☆72Updated 8 years ago
- CVE-2018-7600 - Drupal 7.x RCE☆71Updated 6 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Updated 5 years ago
- JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.☆98Updated 5 years ago
- Full TTY reverse shell over SSH☆57Updated 4 years ago
- HTML5 WebSocket message fuzzer☆141Updated 5 years ago
- ☆70Updated 6 years ago
- Burp Suite extension to passively scan for applications revealing server error messages☆64Updated 9 months ago
- Pillage a git repo found in an accessible web root☆59Updated 13 years ago
- Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)☆125Updated 2 years ago
- DupeKeyInjector☆134Updated 2 years ago
- Central Repo for Burp extensions☆146Updated 2 years ago
- A collection of scripts to extend Burp Suite☆138Updated 5 years ago
- Dirbuster plugin for Burp Suite☆70Updated 7 years ago