xscorp / jsmugLinks
A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
☆113Updated last year
Alternatives and similar repositories for jsmug
Users that are interested in jsmug are comparing it to the libraries listed below
Sorting:
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆104Updated 3 months ago
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆67Updated last year
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year
- ☆40Updated 3 months ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆107Updated 4 months ago
- Repository to store exploits created by Assetnotes Security Research team☆182Updated last year
- CVE-2023-33733 reportlab RCE☆119Updated 2 years ago
- ☆85Updated 3 months ago
- A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.☆139Updated 3 months ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆19Updated last year
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Updated 2 years ago
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆17Updated last year
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆93Updated 9 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆99Updated last month
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆91Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Updated last year
- Awesome MXSS ??☆53Updated last year
- A collection of utilities for building extensions using Burp's Montoya API☆52Updated last year
- ☆100Updated last year
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆133Updated last year
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated last year
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆76Updated last year
- ☆61Updated 5 months ago
- Ubuntu Privilege Escalation bash one-liner using CVE-2023-32629 & CVE-2023-2640☆106Updated last year
- PoC for CVE-2024-27130☆35Updated last year
- HTML Universal Identifier☆67Updated 9 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆163Updated 10 months ago
- A (small) web exploit framework☆96Updated last week