000pp / pwnfaces
π Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
β18Updated 2 years ago
Alternatives and similar repositories for pwnfaces:
Users that are interested in pwnfaces are comparing it to the libraries listed below
- β46Updated 2 years ago
- π WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.β26Updated last year
- Wolfy AV Bypasserβ28Updated 2 years ago
- https://github.com/ManhNho/AWAE-OSWEβ11Updated 4 years ago
- Just some random small tools for dealing with asp.net Forms Authentication Cookiesβ23Updated 3 years ago
- BurpSuite extension to convert requests into bcheck scriptsβ31Updated last year
- γπͺγLinux Backdoor based on ICMP protocolβ60Updated 5 months ago
- Quickly find all identities someone has used on their Github commitsβ16Updated 9 months ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β13Updated 2 years ago
- Script for Bug Bountyβ28Updated 3 years ago
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.β48Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.β71Updated 3 years ago
- β44Updated last year
- A better way of querying certificate transparency logsβ86Updated last month
- User enumeration and password spraying tool for testing Azure ADβ69Updated 3 years ago
- β16Updated 7 months ago
- Exploit for Symfony CVE-2024-50340 (forked eos)β28Updated 5 months ago
- pugrecon is a bash script for automatic recon of common vulnerabilities, misconfigurations and files on domains.β24Updated 4 years ago
- An MS Sharepoint and Frontpage Auditing Toolβ49Updated 5 months ago
- ElasticSearch exploit and Pentesting guide for penetration testerβ27Updated 2 years ago
- β32Updated 3 weeks ago
- A websocket-based reverse (javascript) shell for XSS attacks.β29Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.β75Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticalsβ¦β65Updated last year
- Make better use of the embedded browser that comes by default with Burpβ43Updated last year
- This repository serves as a curated resource for OffSec's OSEP (PEN-300) certification preparation, containing useful links, materials, aβ¦β15Updated 6 months ago
- crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names froβ¦β27Updated 10 months ago
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.β37Updated 2 years ago
- β39Updated last year
- Get SYSTEM via SeDebugPrivilegeβ20Updated 2 years ago