securitum / research
research
☆151Updated 11 months ago
Alternatives and similar repositories for research:
Users that are interested in research are comparing it to the libraries listed below
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆258Updated 3 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆347Updated 2 years ago
- ☆263Updated 5 years ago
- HTTP.ninja☆149Updated last year
- Burp Suite Extension to monitor new scope☆197Updated 3 years ago
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆197Updated 6 years ago
- Simple "postMessage logger" Chrome extension☆94Updated 4 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- A natural evolution of Burp Suite's Repeater tool☆195Updated last year
- ☆128Updated 4 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆298Updated 4 years ago
- A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web☆70Updated 4 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago
- DNS rebinding toolkit☆251Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆285Updated last month
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆150Updated 4 years ago
- Extension to log iframe and cross window communications.☆54Updated last year
- notes and code on past CTFs☆103Updated 3 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆279Updated 7 years ago
- A cheat sheet for attacking SQLite via SQLi☆97Updated 8 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆310Updated last year
- Piper Burp Suite Extender plugin☆117Updated last year
- Payloads for CRLF Injection☆224Updated 5 months ago
- Solutions and write-ups from security-based competitions also known as Capture The Flag competition☆100Updated 4 years ago
- SHELLING - a comprehensive OS command injection payload generator☆107Updated 5 years ago
- ☆170Updated 3 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆179Updated 4 years ago
- Everything you need about Burp Extension Generation☆152Updated 2 years ago
- A mini webserver with FTP support for XXE payloads☆328Updated last year
- Various Payload wordlists☆235Updated 4 years ago