This is your work, valued

Predrag Cujanović

Elite
@cujanovic

SSRF-Testing. SSRF (Server Side Request Forgery) testing resources

2.5k

Open-Redirect-Payloads. Open Redirect Payloads

663

Markdown-XSS-Payloads. XSS payloads for exploiting Markdown syntax

497

CRLF-Injection-Payloads. Payloads for CRLF Injection

228

Content-Bruteforcing-Wordlist. Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

219

subdomain-bruteforce-list. subdomain bruteforce list

103

Virtual-host-wordlist. Virtual host wordlist

53

CVE-2016-8610-PoC. CVE-2016-8610 (SSL Death Alert) PoC

33

Linux-default-files-images-location. Default Linux files/images location

29

XXE-FTP-HTTP-Server. Ruby

25

dirsearch-wordlist. Serbian/English wordlist for https://github.com/maurosoria/dirsearch

20

nginx-dynamic-tls-records-patch. Add TLS Dynamic Record Resizing to Nginx

17

grsecurity-patches. Unofficial grsecurity patch archive https://grsecurity.net

11

nginx-http2-spdy-patch. Patch to make NGINX support HTTP/2 and SPDY simultaneously

11

XSS-Testing-Page. PHP

9

ssspl. SSS is a simple socks server written in perl that implements the SOCKS v5 protocol.

8

params.

8

llm-sast-scanner. A SAST skill that gives AI coding agents structured vulnerability detection across 103 vulnerability classes.

7

resolvers. Free DNS resolvers

6

goaltdns. Go

6

public-dns-resolvers. List of periodically validated public DNS resolvers

6

burp-copy-to-clipboard-for-vulnreport. Burp Copy to Clipboard for VulnReport

5

blooming-password. Blooming Password

4

TCP-Starvation. Python

4

Internet-Explorer-11-Content-Type-JSON-bug. Internet Explorer 11 bug to exploit application JSON response to XSS

4

vulnreport. Open-source pentesting management and automation platform by Salesforce Product Security

4

Content-Type-Text-Plain-Considered-Harmful. Content-Type Text/Plain Considered Harmful

4

autochrome. This tool downloads, installs, and configures a shiny new copy of Chromium.

4

hosts-file.net.

4

cujanovic.

3

nginx_upstream_check_module. Health checks upstreams for nginx,support dynamic health check interface for adding servers, transplat from tengine based on upstream_check_module

3

cf-pngcrush-patch. pngcrush fork for CF - patch

3

Memcrashed-DDoS-Exploit. DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API

3

openvpn. Shell

3

ffmpeg-avi-m3u-xbin. Python

3

xip.ninja. xip.ninja : PowerDNS pipe backend adapter powering xip.ninja

2