rudSarkar / crlf-injector
A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
☆46Updated 2 years ago
Alternatives and similar repositories for crlf-injector:
Users that are interested in crlf-injector are comparing it to the libraries listed below
- OWASP Skanda - SSRF Exploitation Framework☆38Updated 11 years ago
- Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.☆48Updated 4 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Updated 6 years ago
- Burp Suite Attack Selector Plugin☆61Updated 7 years ago
- Simple Server Side Request Forgery services enumeration tool.☆55Updated 6 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆44Updated 11 years ago
- Burp extension☆57Updated 6 years ago
- ☆42Updated 4 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆137Updated 4 years ago
- An interactive OOB XXE data exfiltration tool☆91Updated 7 years ago
- CORS checking☆34Updated 6 years ago
- XSS Payloads☆49Updated 9 years ago
- Various tools for managing bug bounty recon and exploration.☆47Updated 2 years ago
- CVE-2018-7600 - Drupal 7.x RCE☆71Updated 6 years ago
- Another plugin for CRLF vulnerability detection☆26Updated 8 years ago
- Extension adds a new tab in Burp Suite called Extractor☆43Updated 5 years ago
- ☆70Updated 7 years ago
- Fuzzing for LFI using Burpsuite☆61Updated 8 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆50Updated 6 years ago
- Burp extension to passively scan for applications revealing software version numbers☆30Updated 9 months ago
- Automated information gathering tool for pentest☆54Updated 8 years ago
- Test CVE-2018-0296 and extract usernames☆106Updated 6 years ago
- Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS☆83Updated 2 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆54Updated 7 years ago
- Burp Suite extension to passively scan for applications revealing server error messages☆66Updated last year
- Burp Suite extension for JAX-RS☆65Updated 8 years ago
- SQLNuke | Fast Performing MYSQL Injection load_file() Fuzzer☆38Updated 11 years ago
- Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro☆52Updated 11 years ago
- Study about HQL injection exploitation.☆51Updated 8 years ago