0x00-0x00 / CVE-2016-2098Links
Ruby On Rails unrestricted render() exploit
☆16Updated 7 years ago
Alternatives and similar repositories for CVE-2016-2098
Users that are interested in CVE-2016-2098 are comparing it to the libraries listed below
Sorting:
- ☆19Updated 5 years ago
- Burp extension for automated handling of CSRF tokens☆16Updated 7 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- a parser + crawler for .DS_Store files exposed publically☆54Updated 2 years ago
- Abusing SketchUp to make persistence on Windows☆21Updated 6 years ago
- Spin up a reverse proxy quickly on Heroku☆14Updated 4 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆50Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion☆17Updated 4 years ago
- A playground to practice SSRF Attacks against web apps☆17Updated 7 years ago
- PoC CVE-2020-6308☆36Updated 4 years ago
- Accompanying material needed for the workshop☆11Updated 2 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Updated 10 years ago
- A Burp Suite extension to add a custom header (e.g. JWT)☆19Updated 3 years ago
- A python-based padding oracle tool☆20Updated last year
- ☆13Updated 4 years ago
- RCE in NPM VSCode Extension☆20Updated 4 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 7 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 6 years ago
- A basic AIX enumeration guide for penetration testers/red teamers☆33Updated 8 years ago
- Magento Security Scanner☆15Updated 3 years ago
- A basic proxylogon scanner☆27Updated 4 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Updated 7 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Updated 8 years ago
- Exactly what it sounds like, which is something rad☆22Updated 3 years ago
- A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)☆13Updated 6 years ago
- Exploitation Script for CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability"☆11Updated 5 years ago
- eternalrelayx☆36Updated 6 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆32Updated 4 years ago