xscorp / jsmug
A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
☆113Updated 11 months ago
Alternatives and similar repositories for jsmug:
Users that are interested in jsmug are comparing it to the libraries listed below
- Awesome MXSS ??☆48Updated 5 months ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆77Updated 4 months ago
- ☆74Updated 5 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆253Updated 9 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆153Updated 3 months ago
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆84Updated 2 months ago
- HTML Universal Identifier☆64Updated 2 months ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆57Updated 9 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆91Updated 9 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆174Updated last month
- A python module to explore the object tree to extract paths to interesting objects in memory.☆89Updated last month
- Repository to store exploits created by Assetnotes Security Research team☆176Updated last year
- ☆36Updated last month
- ☆83Updated 8 months ago
- CVE-2023-33733 reportlab RCE☆114Updated last year
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆48Updated 3 months ago
- WebSocket REPL for pentesters☆218Updated 7 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆132Updated 8 months ago
- A collection of utilities for building extensions using Burp's Montoya API☆47Updated 8 months ago
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆63Updated 11 months ago
- oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning☆65Updated 3 months ago
- PP-finder Help you find gadget for prototype pollution exploitation☆151Updated 7 months ago
- Find CVE PoCs on GitHub☆144Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆133Updated 3 months ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆45Updated last year
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆15Updated 5 months ago
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆74Updated 11 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆106Updated 2 months ago