This repository is a collection of exploits for Prototype Pollution vulnerability. If you're not familiar with the Prototype Pollution vulnerability, please have a look at another one of my repositories https://github.com/Kirill89/prototype-pollution-explained.
The goal of this project is not to collect every possible Prototype Pollution exploit, rather collect exploits for popular packages and in all possible variations – build a dataset for future Prototype Pollution research.
Exploits are stored in separate JS files, e.g. <package_name>/<method_name>/<payload_type>.js.
Additionally, each package folder has an MD file with exploits and list of vulnerable versions.
- Utility libraries
- Parsers
- Databases
- Server
Feel free to open pull requests and add more exploits.