research
☆152Mar 21, 2024Updated 2 years ago
Alternatives and similar repositories for research
Users that are interested in research are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Prototype Pollution and useful Script Gadgets☆1,601Jan 27, 2024Updated 2 years ago
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- Client-Side Prototype Pollution Tools☆87Sep 21, 2021Updated 4 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- XS-Leaks Wiki☆178Mar 13, 2026Updated last week
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- ☆17Jul 31, 2021Updated 4 years ago
- A collection of browser-based side channel attack vectors.☆760Mar 19, 2024Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- Prototype Pollution exploits collection☆37Aug 8, 2021Updated 4 years ago
- 🔪Browser logic vulnerabilities☆696Jan 23, 2021Updated 5 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- Funny project to create an encoder/obfuscator that converts any javascript code into a code that only consist of /[a-z().]/ characters☆82Oct 11, 2019Updated 6 years ago
- websocket-connection-smuggler☆66Jan 22, 2020Updated 6 years ago
- A extension for collecting parameters☆25Oct 25, 2020Updated 5 years ago
- A malicious LDAP server for JNDI injection attacks☆76Nov 15, 2024Updated last year
- xss development frameworks, with the goal of making payload writing easier.☆154Aug 7, 2024Updated last year
- Apache Solr Injection Research☆580Jan 28, 2020Updated 6 years ago
- XSS Payload without Anything.☆104Jun 28, 2019Updated 6 years ago
- ☆705Nov 27, 2024Updated last year
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- Content released at NorthSec 2018 for my talk on prototype pollution☆535May 25, 2024Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆651Feb 21, 2024Updated 2 years ago
- Everything about xss protection technology☆14Oct 22, 2019Updated 6 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,296Jan 26, 2024Updated 2 years ago
- Reverse proxies cheatsheet☆1,855Nov 4, 2023Updated 2 years ago
- ☆23Apr 21, 2022Updated 3 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- Improved decoder for Burp Suite☆138Aug 30, 2021Updated 4 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆84Mar 23, 2018Updated 8 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- A fast generative fuzzer for HTTP☆16Nov 29, 2018Updated 7 years ago
- ☆14Apr 23, 2019Updated 6 years ago
- ☆71Nov 8, 2021Updated 4 years ago
- ☆12Sep 23, 2023Updated 2 years ago
- CLI script to use GadgetProbe as a library to generate serialized payloads of DNS callbacks to free DNSbin to probe what Java classpaths …☆14Jun 8, 2021Updated 4 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago