stypr / vulnerable-nodejs-express-mysql
Example of a vulnerable NodeJS+Express+MySQL service
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for vulnerable-nodejs-express-mysql
- HTTP request smuggling tools☆17Updated 4 years ago
- List of Trusted Types bypasses☆85Updated 6 months ago
- a tool that compiles a csv of all h1 program stats☆46Updated last year
- ☆15Updated 3 years ago
- Dependency Confusion Security Testing Tool☆39Updated 2 years ago
- Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes☆30Updated last year
- ☆46Updated 3 years ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- Lab that will help you to understand how type juggling vulnerability works.☆22Updated 4 years ago
- Chrome extension to detect possible xsleaks☆12Updated 5 years ago
- ☆56Updated 8 months ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- CVE PoCs☆21Updated 4 years ago
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆41Updated last year
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆33Updated 2 years ago
- ☆33Updated 3 years ago
- Prototype Pollution exploits collection☆30Updated 3 years ago
- A extension for collecting parameters☆25Updated 4 years ago
- One liner regex match to search inside JS files, using curl and grep!☆29Updated 2 years ago
- vīlicus is a bug bounty api dashboard☆39Updated last year
- ☆47Updated 3 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆43Updated this week
- Collection of content discovery wordlists in one wordlist.☆37Updated 2 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆26Updated 3 years ago
- Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only☆12Updated 3 years ago
- ☆24Updated 3 years ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- ☆20Updated 3 years ago
- ☆17Updated last year
- Tool to extract & validate google fcm server keys from apks☆27Updated 3 years ago