singularity
Rebinding attack framework
A tool to facilitate DNS rebinding attacks and raise awareness about their exploitation
A DNS rebinding attack framework.
1k stars
33 watching
143 forks
Language: JavaScript
last commit: 11 months ago
Linked from 2 awesome lists
attackdnsdns-rebindingiotvulnerability
qazbnm456/awesome-web-security
vavkamil/awesome-bugbounty-toolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 brannondorsey/dns-rebind-toolkit | A toolkit for creating DNS rebinding attacks against vulnerable hosts on local networks. | 487 |
 taviso/rbndr | A simple DNS rebinding testing tool | 631 |
 makuga01/dnsfookup | A tool to create and manage DNS rebinding attacks | 252 |
 fsecurelabs/dref | A tool designed to exploit DNS rebinding vulnerabilities in web applications, allowing it to bypass security restrictions and exfiltrate sensitive data | 486 |
 daeken/httprebind | A tool to automatically test DNS rebinding vulnerability in web applications | 295 |
 40ants/reblocks | A Common Lisp web framework refactored to simplify and modernize its core functionality while maintaining the widget-based approach to application development. | 62 |
| brannondorsey/whonow | A malicious DNS server that executes DNS Rebinding attacks on the fly by responding to domain queries with pre-defined IP addresses and rules. | 630 |
| nccgroup/exploit_mitigations | A knowledge base documenting exploit mitigations across various operating systems and software | 880 |
 cncf/tag-security | An initiative to improve cloud native security by developing standards and best practices. | 2,104 |
| nccgroup/nccfsas | Contains publicly released information on simulated full-spectrum attacks on file systems and security protocols. | 607 |
 breakpointhq/voodoo | A framework for creating man-in-the-browser attacks on macOS-based browsers without requiring root privileges or TCC permissions. | 40 |
| nccgroup/redsnarf | A tool used in penetration testing to retrieve hashes and credentials from Windows systems, domain controllers, and other network devices. | 1,204 |
 dxa4481/cssinjection | A method to steal sensitive data by exploiting CSS injection vulnerabilities in websites that allow arbitrary CSS rendering. | 318 |
 blairconrad/selfinitializingfakes | A framework for creating reusable fake objects with persistent behavior after the initial setup | 11 |
 juxt/bolt | An integrated security system for Clojure applications based on modular components | 120 |