xscorp / jsmugLinks
A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
☆113Updated last year
Alternatives and similar repositories for jsmug
Users that are interested in jsmug are comparing it to the libraries listed below
Sorting:
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆90Updated 6 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆94Updated 11 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆255Updated last year
- HTML Universal Identifier☆64Updated 5 months ago
- Awesome MXSS ??☆50Updated 8 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆159Updated 6 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆60Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆87Updated last year
- Tool to enable blind sql injection attacks against websockets using sqlmap☆61Updated last month
- ☆81Updated 7 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆189Updated 3 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆51Updated last week
- CVE-2023-33733 reportlab RCE☆117Updated last year
- oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning☆68Updated 5 months ago
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Updated last year
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆90Updated last year
- ☆36Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆77Updated last year
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆89Updated 5 months ago
- Repository to store exploits created by Assetnotes Security Research team☆178Updated last year
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- Hacking Windows through iTunes - Local Privilege Escalation 0-day☆95Updated 7 months ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- PoC for CVE-2024-27130☆34Updated last year
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆102Updated last week
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆133Updated last year
- Filters and highlights Proxy HTTP history for requests with potentially vulnerable parameters☆23Updated last year
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆67Updated last year
- ☆100Updated last year
- WebSocket REPL for pentesters☆220Updated 10 months ago