Alternatives and similar repositories for rbndr

Users that are interested in rbndr are comparing it to the libraries listed below

• nccgroup / singularity

  View on GitHub
  A DNS rebinding attack framework.
  ☆1,258Dec 4, 2025Updated 2 months ago
• BlackFan / client-side-prototype-pollution

  View on GitHub
  Prototype Pollution and useful Script Gadgets
  ☆1,581Jan 27, 2024Updated 2 years ago
• tarunkant / Gopherus

  View on GitHub
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆3,296Apr 18, 2023Updated 2 years ago
• makuga01 / dnsFookup

  View on GitHub
  DNS rebinding toolkit
  ☆255May 22, 2023Updated 2 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,484Oct 12, 2024Updated last year
• assetnote / blind-ssrf-chains

  View on GitHub
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆946Dec 31, 2021Updated 4 years ago
• ambionics / phpggc

  View on GitHub
  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  ☆3,729Sep 29, 2025Updated 4 months ago
• msrkp / PPScan

  View on GitHub
  Client Side Prototype Pollution Scanner
  ☆524Sep 17, 2022Updated 3 years ago
• epinna / tplmap

  View on GitHub
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆4,117Apr 21, 2024Updated last year
• jmdx / TLS-poison

  View on GitHub
  ☆709Nov 27, 2024Updated last year
• fransr / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,281Jan 26, 2024Updated 2 years ago
• GrrrDog / Java-Deserialization-Cheat-Sheet

  View on GitHub
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,167May 26, 2023Updated 2 years ago
• swisskyrepo / SSRFmap

  View on GitHub
  Automatic SSRF fuzzer and exploitation tool
  ☆3,479Sep 4, 2025Updated 5 months ago
• defparam / smuggler

  View on GitHub
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆2,059Jan 2, 2024Updated 2 years ago
• FSecureLABS / dref

  View on GitHub
  DNS Rebinding Exploitation Framework
  ☆495Apr 27, 2021Updated 4 years ago
• brannondorsey / whonow

  View on GitHub
  A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
  ☆659Dec 17, 2021Updated 4 years ago
• jdonsec / AllThingsSSRF

  View on GitHub
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,360Jan 24, 2021Updated 5 years ago
• BlackFan / content-type-research

  View on GitHub
  Content-Type Research
  ☆657Jun 29, 2025Updated 7 months ago
• frohoff / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆8,733Dec 4, 2025Updated 2 months ago
• GerbenJavado / LinkFinder

  View on GitHub
  A python script that finds endpoints in JavaScript files
  ☆4,280Apr 13, 2024Updated last year
• irsdl / IIS-ShortName-Scanner

  View on GitHub
  latest version of scanners for IIS short filename (8.3) disclosure vulnerability
  ☆1,624Sep 3, 2023Updated 2 years ago
• pwntester / ysoserial.net

  View on GitHub
  Deserialization payload generator for a variety of .NET formatters
  ☆3,669Dec 23, 2024Updated last year
• 0xacb / viewgen

  View on GitHub
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆658Feb 1, 2025Updated last year
• bayotop / off-by-slash

  View on GitHub
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆265Nov 18, 2021Updated 4 years ago
• mm0r1 / exploits

  View on GitHub
  Pwn stuff.
  ☆1,805May 31, 2022Updated 3 years ago
• staaldraad / xxeserv

  View on GitHub
  A mini webserver with FTP support for XXE payloads
  ☆342Jan 3, 2024Updated 2 years ago
• zigoo0 / JSONBee

  View on GitHub
  A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
  ☆742May 6, 2024Updated last year
• s0md3v / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆6,086Feb 20, 2025Updated 11 months ago
• GoSecure / dtd-finder

  View on GitHub
  List DTDs and generate XXE payloads using those local DTDs.
  ☆645Feb 21, 2024Updated last year
• visma-prodsec / confused

  View on GitHub
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆775Aug 19, 2024Updated last year
• masatokinugawa / filterbypass

  View on GitHub
  Browser's XSS Filter Bypass Cheat Sheet
  ☆1,151May 6, 2017Updated 8 years ago
• PortSwigger / http-request-smuggler

  View on GitHub
  ☆1,182Jan 21, 2026Updated 3 weeks ago
• lc / gau

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,821Jan 1, 2025Updated last year
• EdOverflow / can-i-take-over-xyz

  View on GitHub
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆5,550Feb 8, 2025Updated last year
• bcoles / ssrf_proxy

  View on GitHub
  SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
  ☆479Jan 1, 2018Updated 8 years ago
• internetwache / GitTools

  View on GitHub
  A repository with 3 tools for pwn'ing websites with .git repositories available
  ☆4,125Jun 14, 2023Updated 2 years ago
• andresriancho / enumerate-iam

  View on GitHub
  Enumerate the permissions associated with AWS credential set
  ☆1,218Feb 5, 2024Updated 2 years ago
• ptoomey3 / evilarc

  View on GitHub
  Create tar/zip archives that can exploit directory traversal vulnerabilities
  ☆1,037Jun 3, 2021Updated 4 years ago
• infosec-au / altdns

  View on GitHub
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,468Jan 9, 2025Updated last year