Alternatives and similar repositories for ctf-notes:

Users that are interested in ctf-notes are comparing it to the libraries listed below

• danghvu / pwp
  Python Web framework P0wner
  ☆75Updated 12 years ago
• 0x00string / oldays
  public exploits
  ☆35Updated last year
• v-egoshin / WindowsUploadToolkit
  PHDAYS |||
  ☆17Updated 11 years ago
• gursev / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆44Updated 11 years ago
• cyberpunkych / attacking_mongodb
  Files from Zeronights presentation.
  ☆28Updated 12 years ago
• tothi / ctfs
  some example ctf writeups
  ☆27Updated 4 years ago
• GrrrDog / ZeroNights-WebVillage-2017
  ☆70Updated 7 years ago
• sensepost / ms16-098
  Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow
  ☆91Updated 7 years ago
• superkojiman / vulnerabilities
  Published vulnerabilities and exploits.
  ☆55Updated 2 years ago
• Charliedean / PsexecSpray
  Spray SMB with hashes, Then psexec
  ☆32Updated 5 years ago
• dancezarp / TBDEx
  ☆84Updated 8 years ago
• mseclab / Burp-PyJFuzz
  Burp Suite plugin which implement PyJFuzz for fuzzing web application.
  ☆56Updated 7 years ago
• dragoneeg / Struts2-048
  CVE-2017-9791
  ☆27Updated 7 years ago
• GrrrDog / ACEDcup
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆38Updated 8 years ago
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 6 years ago
• aurainfosec / burp-multi-browser-highlighting
  Highlight Burp proxy requests made by different browsers
  ☆30Updated 7 years ago
• yolosec / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆34Updated 8 years ago
• RUB-NDS / DTD-Attacks
  Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
  ☆56Updated 8 years ago
• OpenSecurityResearch / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆16Updated 11 years ago
• milo2012 / CVE-2018-0296
  Test CVE-2018-0296 and extract usernames
  ☆106Updated 6 years ago
• 1337g / CVE-2017-10271
  CVE-2017-10271 WEBLOGIC RCE (TESTED)
  ☆38Updated 7 years ago
• nccgroup / Extractor
  Extension adds a new tab in Burp Suite called Extractor
  ☆43Updated 5 years ago
• GDSSecurity / PaddingOracleDemos
  ☆22Updated 9 years ago
• brianwrf / S2-053-CVE-2017-12611
  A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)
  ☆36Updated 7 years ago
• getcode2git / exserial
  Java Untrusted Deserialization Exploits Tools
  ☆66Updated 9 years ago
• Gifts / XXE-OOB-Exploitation-Toolset-for-Automation
  XXE OOB Exploitation Toolset for Automation
  ☆63Updated 11 years ago
• matthewdfuller / intellifuzz-xss
  An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
  ☆42Updated 12 years ago
• zerothoughts / jndipoc
  Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
  ☆42Updated 9 years ago
• Techlord-RCE / dns-rebind-toolkit
  A front-end JavaScript toolkit for creating DNS rebinding attacks.
  ☆45Updated 6 years ago
• SeanHeelan / funserialize
  Scripts and auxiliary files for fuzzing PHP's unserialize function
  ☆43Updated 7 years ago