whitel1st / docem
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
☆566Updated 11 months ago
Alternatives and similar repositories for docem:
Users that are interested in docem are comparing it to the libraries listed below
- List DTDs and generate XXE payloads using those local DTDs.☆617Updated 10 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆831Updated 3 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆719Updated 3 years ago
- HackerOne "in scope" domains☆419Updated this week
- Burp Extension for a passive scanning JS files for endpoint links.☆760Updated 9 months ago
- ☆280Updated 3 years ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆229Updated last month
- Fetches javascript file from a list of URLS or subdomains.☆750Updated last year
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆592Updated 3 years ago
- HTTP file upload scanner for Burp Proxy☆397Updated last year
- ☆401Updated 3 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆593Updated last year
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆382Updated last year
- A cheatsheet for exploiting server-side SVG processors.☆705Updated 4 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆564Updated 3 years ago
- HTTP file upload scanner for Burp Proxy☆485Updated last year
- simple script to extract all web resources by means of .SVN folder exposed over network.☆452Updated 11 months ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆359Updated 3 months ago
- Open Redirect Payloads☆594Updated 3 months ago
- Tool to help exploit XXE vulnerabilities☆550Updated last year
- HTTP Request Smuggling Detection Tool☆481Updated last year
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆500Updated 2 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆684Updated last year
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆276Updated 3 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Updated 2 years ago
- Another way to bypass WAF Cheat Sheet (draft)☆418Updated 6 years ago
- Because just a dark theme wasn't enough!☆559Updated last month
- Client Side Prototype Pollution Scanner☆510Updated 2 years ago
- Content-Type Research☆550Updated 11 months ago