1hack0 / bug-bounty-101
Happy Hunting
☆137Updated 5 years ago
Related projects: ⓘ
- small set of scripts to practice exploit XSS and CSRF vulnerabilities☆57Updated 6 years ago
- WAF Bypass Cheatsheet☆209Updated 6 years ago
- Easy Fast recon script☆29Updated 5 years ago
- Weblogic Upload Vuln(Need username password)-CVE-2019-2618☆172Updated 5 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Updated 5 years ago
- A list of useful payloads for Web Application Security and Pentest/CTF☆287Updated last month
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆108Updated 5 years ago
- A collection of open source and commercial tools that aid in red team operations.☆37Updated 6 years ago
- ☆24Updated 7 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆72Updated 3 years ago
- Burp Suite Plugin: Convert the json text that returns the body into HTTP request parameters.☆98Updated 3 years ago
- ☆148Updated this week
- ☆119Updated this week
- ☆85Updated 4 years ago
- ******本软件仅限用于学习交流禁止用于任何非法行为****** 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行 及文件上传 struts2-005、struts2-009、struts2-01…☆109Updated 6 years ago
- Apache Tomcat Remote Code Execution on Windows☆185Updated 4 years ago
- WebLogic wls9-async反序列化远程命令执行漏洞☆241Updated 5 years ago
- wooyun public information backup☆119Updated 7 years ago
- This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.☆75Updated 6 years ago
- Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS="true")☆102Updated 4 years ago
- Lab for exploring SSRF vulnerabilities☆245Updated 3 years ago
- CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script☆135Updated 6 years ago
- CVE-2018-3245-PoC☆167Updated 3 years ago
- ☆53Updated this week
- Web Fuzzing Discovery and Attack Pattern Database☆110Updated 6 years ago
- CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE☆105Updated 5 years ago
- ☆104Updated 7 years ago
- ☆130Updated this week
- XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.☆137Updated 5 years ago
- Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.☆112Updated 4 years ago