securitum / research
research
☆151Updated last year
Alternatives and similar repositories for research:
Users that are interested in research are comparing it to the libraries listed below
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆258Updated 3 years ago
- HTTP.ninja☆149Updated last year
- DNS rebinding toolkit☆251Updated last year
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆198Updated 6 years ago
- Simple "postMessage logger" Chrome extension☆96Updated 4 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆347Updated 2 years ago
- ☆128Updated 4 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆312Updated last year
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆280Updated 7 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆179Updated 4 years ago
- Burp Suite Extension to monitor new scope☆196Updated 3 years ago
- A natural evolution of Burp Suite's Repeater tool☆195Updated last year
- ☆281Updated 3 years ago
- A mini webserver with FTP support for XXE payloads☆328Updated last year
- ☆263Updated 6 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆151Updated 4 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆284Updated 2 months ago
- Automatic tool for DNS rebinding-based SSRF attacks☆298Updated 4 years ago
- Extension to log iframe and cross window communications.☆54Updated 2 years ago
- Utils☆267Updated 9 years ago
- Everything you need about Burp Extension Generation☆152Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆352Updated 7 months ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago
- Payloads for CRLF Injection☆224Updated 5 months ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Updated 5 years ago
- Various Payload wordlists☆235Updated 4 years ago
- ☆160Updated 7 years ago
- A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web☆70Updated 4 years ago
- Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.☆71Updated 3 years ago