xbow-engineering / validation-benchmarksLinks
XBOW Validation Benchmarks
☆200Updated last month
Alternatives and similar repositories for validation-benchmarks
Users that are interested in validation-benchmarks are comparing it to the libraries listed below
Sorting:
- ☆197Updated 9 months ago
- Grammar-based HTTP/1 fuzzer with mutation ability☆253Updated 9 months ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆70Updated last year
- CodeQL zero to hero blog post series challenges☆131Updated last month
- Automated web vulnerability scanning with LLM agents☆341Updated last month
- A collection of Server-Side Prototype Pollution gadgets and exploits☆196Updated 6 months ago
- Black box fuzzer for web applications☆428Updated 2 weeks ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆51Updated last year
- How effective are LLMs in identifying and exploiting security vulnerabilities?☆59Updated 5 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆272Updated 4 months ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆51Updated 3 months ago
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆166Updated 11 months ago
- Awesome MXSS ??☆52Updated 10 months ago
- Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.☆293Updated 11 months ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆111Updated 7 months ago
- Collection of community-driven CodeQL query, library and extension packs☆176Updated last week
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 6 months ago
- A source code static analysis platform for AppSec enthusiasts.☆253Updated 5 months ago
- HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy + Exploit Timing Attacks☆185Updated 2 months ago
- ☆179Updated 9 months ago
- ☆87Updated last year
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆18Updated last year
- MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. In…☆324Updated 2 weeks ago
- A very simple open source implementation of Google's Project Naptime☆161Updated 4 months ago
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆315Updated 8 months ago
- A structure-aware HTTP fuzzing library☆214Updated 7 months ago
- Proof of concept code for Datadog Security Labs referenced exploits.☆442Updated 4 months ago
- MCP Server for Burp☆220Updated last month
- CTF challenges designed and implemented in machine learning applications☆162Updated 11 months ago