110 skills found · Page 1 of 4
defparam / SmugglerSmuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
BishopFox / H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
TheCyb3rAlpha / BobTheSmuggler"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
anshumanpattnaik / Http Request SmugglingHTTP Request Smuggling Detection Tool
praetorian-inc / TurntA tool designed for smuggling interactive command and control traffic through legitimate TURN servers hosted by reputable providers such as Zoom.
0ang3el / Websocket SmuggleIssues with WebSocket reverse proxying allowing to smuggle HTTP requests
eddiechu / File SmugglingHTML smuggling is not an evil, it can be useful
semente / Django SmugglerDjango Smuggler is a pluggable application for Django Web Framework that helps you to import/export fixtures via the automatically-generated administration interface.
ZeddYu / HTTP Smuggling LabUse HTTP Smuggling Lab to learn HTTP Smuggling.
Moopinger / SmugglefuzzA rapid HTTP downgrade smuggling scanner written in Go.
dhmosfunk / CVE 2023 25690 POCCVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
aws / Http Desync GuardianAnalyze HTTP requests to minimize risks of HTTP Desync attacks (precursor for HTTP request smuggling/splitting).
Octoberfest7 / Zip SmugglingPython3 utility for creating zip files that smuggle additional data for later extraction
surajpkhetani / AutoSmuggleUtility to craft HTML or SVG smuggled files for Red Team engagements
Sh1Yo / Request SmugglerHttp request smuggling vulnerability scanner
D00Movenok / HTMLSmuggler✉️ HTML Smuggling generator&obfuscator for your Red Team operations
abdulkadir-gungor / HtmlSmugglingHTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF
The-Login / SMTP Smuggling ToolsTools for finding SMTP smuggling vulnerabilities.
chenjj / Awesome HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
De3vil / HtmlSmugglingit is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page
