xscorp / jsmug
A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
☆113Updated 11 months ago
Alternatives and similar repositories for jsmug:
Users that are interested in jsmug are comparing it to the libraries listed below
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆83Updated 4 months ago
- Awesome MXSS ??☆48Updated 5 months ago
- ☆74Updated 5 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆91Updated 9 months ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- HTML Universal Identifier☆64Updated 3 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆57Updated 9 months ago
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆84Updated 3 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆253Updated 10 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆154Updated 3 months ago
- CVE-2023-33733 reportlab RCE☆114Updated last year
- A collection of Server-Side Prototype Pollution gadgets and exploits☆180Updated last month
- A collection of utilities for building extensions using Burp's Montoya API☆47Updated 9 months ago
- ☆83Updated 9 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆132Updated 8 months ago
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆152Updated 7 months ago
- ☆99Updated last year
- A python module to explore the object tree to extract paths to interesting objects in memory.☆89Updated last month
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆85Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆107Updated 2 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆38Updated 4 months ago
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆90Updated last year
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa …☆95Updated 10 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆86Updated 11 months ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆62Updated 2 weeks ago
- ☆80Updated 8 months ago
- ☆34Updated 2 years ago
- Repository to store exploits created by Assetnotes Security Research team☆176Updated last year