EdOverflow / Proof Of Concepts

Licence: mit
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Projects that are alternatives of or similar to Proof Of Concepts

Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-83.78%)
Mutual labels:  poc, infosec, bugbounty
Bug Bounty Responses
A collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-68.92%)
Mutual labels:  infosec, bugbounty
Autosetup
Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-5.41%)
Mutual labels:  infosec, bugbounty
Rfd Checker
RFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-62.16%)
Mutual labels:  infosec, bugbounty
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+4795.95%)
Mutual labels:  infosec, bugbounty
Domained
Multi Tool Subdomain Enumeration
Stars: ✭ 688 (+364.86%)
Mutual labels:  infosec, bugbounty
Jaeles
The Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+625%)
Mutual labels:  infosec, bugbounty
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+243.92%)
Mutual labels:  infosec, bugbounty
Subjack
Subdomain Takeover tool written in Go
Stars: ✭ 1,194 (+706.76%)
Mutual labels:  infosec, bugbounty
S3scanner
Scan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (+791.22%)
Mutual labels:  infosec, bugbounty
Cazador unr
Hacking tools
Stars: ✭ 95 (-35.81%)
Mutual labels:  poc, bugbounty
Assessment Mindset
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+310.81%)
Mutual labels:  infosec, bugbounty
Android Reports And Resources
A big list of Android Hackerone disclosed reports and other resources.
Stars: ✭ 590 (+298.65%)
Mutual labels:  infosec, bugbounty
Legal Bug Bounty
#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-71.62%)
Mutual labels:  infosec, bugbounty
Learn365
This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection
Stars: ✭ 525 (+254.73%)
Mutual labels:  infosec, bugbounty
31 Days Of Api Security Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
Stars: ✭ 1,038 (+601.35%)
Mutual labels:  infosec, bugbounty
Defaultcreds Cheat Sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1216.89%)
Mutual labels:  infosec, bugbounty
Metabigor
Intelligence tool but without API key
Stars: ✭ 424 (+186.49%)
Mutual labels:  infosec, bugbounty
Poc
Proofs-of-concept
Stars: ✭ 467 (+215.54%)
Mutual labels:  poc, proof-of-concept
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-58.11%)
Mutual labels:  infosec, bugbounty

Proof of concepts

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Image courtesy of Hackaday

Contents

.
├── CSRF
│   └── csrf_no_redirect.html
├── LICENSE
├── Open redirect
│   ├── open_redirect_referrer.html
│   └── open_redirect_sign_in_form.md
├── Other
│   ├── reverse_tabnabbing.html
│   └── subdomain_takeover.html
├── README.md
└── XSS
    ├── pastejacking_reflected_xss_payload.html
    ├── xss_hidden_input.html
    └── xss_password_manager_form.html

Setup

Clone this repository to a website you use for testing purposes, publish everything, and you will be able to use all of the proof of concepts under the /proof-of-concepts/ directory (e.g. http://example.com/proof-of-concepts/pastejacking_reflected_xss_payload.html).

$ git clone https://github.com/EdOverflow/proof-of-concepts.git

⚠ Legal Disclaimer

This project is made for educational and ethical testing purposes only. Using any of the proof of concepts found in this repository to attack targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by these proof of concepts.

Contributing

Do you have a fun, creative and convincing proof of concept? Please feel free to submit a pull request and we will add it to this repository.

Using the issue tracker 💡

The issue tracker is the preferred channel for bug reports and feature requests.

Issues and labels 🏷

The bug tracker utilizes several labels to help organize and identify issues.

Guidelines for bug reports 🐛

Use the GitHub issue search — check if the issue has already been reported.
