0xless / slip
Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives.
☆83Updated 4 months ago
Related projects: ⓘ
- Repository to store exploits created by Assetnotes Security Research team☆175Updated 10 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆80Updated 3 months ago
- C2 Automation using Linode☆78Updated last year
- Tool to enable blind sql injection attacks against websockets using sqlmap☆56Updated 10 months ago
- A python module to explore the object tree to extract paths to interesting objects in memory.☆77Updated 6 months ago
- ☆91Updated this week
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆51Updated 3 months ago
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆56Updated 6 months ago
- Automate converting webshells into reverse shells.☆67Updated last month
- Cloud Exploit Framework☆112Updated 2 years ago
- CVE-2023-33733 reportlab RCE☆109Updated last year
- ☆70Updated 2 months ago
- A Burp extension to help pentesters copy requests / responses for reports.☆33Updated 2 months ago
- Check subdomains for subdomain takeovers and other DNS tomfoolery☆96Updated this week
- Proof of Concept Exploit for PaperCut CVE-2023-27350☆46Updated last year
- Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)☆85Updated 3 months ago
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆91Updated 7 months ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆118Updated 5 months ago
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆112Updated 5 months ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆92Updated last year
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆127Updated 4 months ago
- ☆90Updated last week
- ☆46Updated 2 years ago
- POC for a DLL spoofer to determine DLL Hijacking☆60Updated 11 months ago
- Exploits targeting vBulletin.☆76Updated last year
- Spoofcheck☆22Updated this week
- Easy red team phishing with Puppeteer☆127Updated last year
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆59Updated 2 weeks ago
- Some tips for Bug Bounty using LibreOffice☆28Updated 2 months ago
- A (small) web exploit framework☆70Updated this week