000pp / pwnfacesLinks
π Golang project to exploit an EL Injection vulnerability (CVE-2017-1000486) that affects the Primefaces 5.X versions. This project supports SOCKS proxy to prioritize anonymity.
β18Updated 2 years ago
Alternatives and similar repositories for pwnfaces
Users that are interested in pwnfaces are comparing it to the libraries listed below
Sorting:
- π WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.β26Updated 2 years ago
- β45Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scriptsβ32Updated last year
- Wolfy AV Bypasserβ28Updated 2 years ago
- https://github.com/ManhNho/AWAE-OSWEβ11Updated 4 years ago
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.β37Updated 3 years ago
- User enumeration and password spraying tool for testing Azure ADβ70Updated 3 years ago
- γπͺγLinux Backdoor based on ICMP protocolβ61Updated 6 months ago
- β16Updated 8 months ago
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.β53Updated 10 months ago
- PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)β87Updated 2 years ago
- Just some random small tools for dealing with asp.net Forms Authentication Cookiesβ24Updated 3 years ago
- A websocket-based reverse (javascript) shell for XSS attacks.β29Updated 2 years ago
- Quickly find all identities someone has used on their Github commitsβ16Updated 10 months ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.β71Updated 3 years ago
- A better way of querying certificate transparency logsβ86Updated 2 months ago
- ElasticSearch exploit and Pentesting guide for penetration testerβ29Updated 2 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.β36Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β13Updated 2 years ago
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.β48Updated 2 years ago
- A "Spring4Shell" vulnerability scanner.β49Updated 5 months ago
- β7Updated last year
- Make better use of the embedded browser that comes by default with Burpβ43Updated last year
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"β27Updated 7 years ago
- Check for CVE-2024-22024 vulnerability in Ivanti Connect Secureβ30Updated last year
- Exploit for Symfony CVE-2024-50340 (forked eos)β29Updated 7 months ago
- Get SYSTEM via SeDebugPrivilegeβ20Updated 3 years ago
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646β27Updated last year
- An MS Sharepoint and Frontpage Auditing Toolβ49Updated 7 months ago
- Colored Cat is a syntax highlighter file reader.β16Updated last year