0xSojalSec / agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
☆13Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for agartha
- Proof of Concept Exploit for CVE-2024-9464☆40Updated last month
- POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692☆30Updated this week
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆35Updated 10 months ago
- Simple netexec wraper with html repport☆17Updated 5 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆23Updated 3 weeks ago
- ☆31Updated 3 months ago
- ☆47Updated 5 months ago
- Make an Linux Kernel rootkit visible again.☆42Updated last month
- ☆59Updated 10 months ago
- ☆53Updated last month
- Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3☆20Updated 2 months ago
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆60Updated 10 months ago
- Proof-of-Concept for CVE-2024-46538☆44Updated last week
- ☆54Updated 7 months ago
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆60Updated 2 months ago
- ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.☆59Updated last month
- ☆13Updated last year
- A Havoc UI tool to pivot onto a machine using ligolo-ng☆42Updated 9 months ago
- Unauthenticated Remote Code Execution via Angular-Base64-Upload Library☆24Updated 3 weeks ago
- Inject RDPThief into memory with PowerShell.☆55Updated last month
- Vulnerabilities you my miss during a penetration testing.☆97Updated 7 months ago
- RDE1 (Rusty Data Exfiltrator) is client and server tool allowing auditor to extract files from DNS and HTTPS protocols written in Rust. �…☆40Updated last year
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆74Updated 5 months ago
- Authentication Bypass in GoAnywhere MFT☆64Updated 9 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 5 months ago
- Notes and cheatsheets for the OffSec Wireless Professional (OSWP) certification☆25Updated last year
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆57Updated 5 months ago
- CVE-2024-28955 Exploitation PoC☆34Updated 4 months ago