Simple DNS Rebinding Service
☆729Jan 16, 2020Updated 6 years ago
Alternatives and similar repositories for rbndr
Users that are interested in rbndr are comparing it to the libraries listed below
Sorting:
- A DNS rebinding attack framework.☆1,266Dec 4, 2025Updated 3 months ago
- Prototype Pollution and useful Script Gadgets☆1,589Jan 27, 2024Updated 2 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,302Apr 18, 2023Updated 2 years ago
- DNS rebinding toolkit☆254May 22, 2023Updated 2 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆956Dec 31, 2021Updated 4 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,756Sep 29, 2025Updated 5 months ago
- Client Side Prototype Pollution Scanner☆522Sep 17, 2022Updated 3 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- ☆705Nov 27, 2024Updated last year
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,293Jan 26, 2024Updated 2 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,171May 26, 2023Updated 2 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,493Sep 4, 2025Updated 6 months ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,062Jan 2, 2024Updated 2 years ago
- DNS Rebinding Exploitation Framework☆492Apr 27, 2021Updated 4 years ago
- A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)☆656Dec 17, 2021Updated 4 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,361Jan 24, 2021Updated 5 years ago
- Content-Type Research☆656Jun 29, 2025Updated 8 months ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,776Dec 4, 2025Updated 3 months ago
- A python script that finds endpoints in JavaScript files☆4,297Apr 13, 2024Updated last year
- latest version of scanners for IIS short filename (8.3) disclosure vulnerability☆1,633Sep 3, 2023Updated 2 years ago
- Deserialization payload generator for a variety of .NET formatters☆3,682Dec 23, 2024Updated last year
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆657Feb 1, 2025Updated last year
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- Pwn stuff.☆1,804May 31, 2022Updated 3 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,089Aug 14, 2024Updated last year
- A mini webserver with FTP support for XXE payloads☆341Jan 3, 2024Updated 2 years ago
- A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.☆750May 6, 2024Updated last year
- HTTP parameter discovery suite.☆6,109Feb 20, 2025Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆649Feb 21, 2024Updated 2 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆778Aug 19, 2024Updated last year
- Browser's XSS Filter Bypass Cheat Sheet☆1,150May 6, 2017Updated 8 years ago
- ☆1,187Jan 21, 2026Updated last month
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.☆4,842Jan 1, 2025Updated last year
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,572Feb 8, 2025Updated last year
- SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.☆480Jan 1, 2018Updated 8 years ago
- A repository with 3 tools for pwn'ing websites with .git repositories available☆4,128Jun 14, 2023Updated 2 years ago
- A collection of browser-based side channel attack vectors.☆760Mar 19, 2024Updated last year
- Enumerate the permissions associated with AWS credential set☆1,222Feb 5, 2024Updated 2 years ago