BSidesSF / ctf-2022-release

Related projects ⓘ

Alternatives and complementary repositories for ctf-2022-release

• doyensec / CVE-2022-39299_PoC_Generator
  A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…
  ☆17Updated last year
• TecR0c / DoubleTrouble
  This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…
  ☆45Updated 10 months ago
• redhuntlabs / BurpSuite-Asset_History
  ☆33Updated 4 years ago
• Invicti-Security / web-inf-path-trav
  Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications
  ☆19Updated 2 years ago
• 10goto20 / seltzer
  A Burp Suite extension for headless, unattended scanning.
  ☆36Updated 4 years ago
• HawSec / ginger
  A security assessment tool for Hitachi Vantara's Pentaho Business Analytics platform.
  ☆14Updated 3 years ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆66Updated last year
• dmcxblue / Red-Team-Notes
  Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …
  ☆36Updated 2 years ago
• dwisiswant0 / look4jar
  Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?
  ☆44Updated 2 years ago
• mhaskar / DNSKeyGen
  A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.
  ☆39Updated last year
• hakivvi / ermir
  an Evil Java RMI Registry.
  ☆45Updated last year
• PortSwigger / ator
  ☆29Updated 6 months ago
• BishopFox / ysoserial-bf
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆24Updated 9 months ago
• vulnbe / burpsuite-copy-as-xmlhttprequest
  Copy as XMLHttpRequest BurpSuite extension
  ☆30Updated 3 years ago
• DIVD-NL / ProxyOracleNSE
  NSE script to detect ProxyOracle
  ☆14Updated 3 years ago
• cygenta / CVE-2020-3452
  ☆26Updated 2 years ago
• sourceincite / DashOverride
  This is a pre-authenticated RCE exploit for VMware vRealize Operations Manager
  ☆48Updated last year
• PurpleWaveIO / CVE-2022-25765-pdfkit-Exploit-Reverse-Shell
  pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sa…
  ☆22Updated last year
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• horizon3ai / CVE-2021-44077
  Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077
  ☆31Updated 2 years ago
• RedSection / jspanda
  client-side prototype pullution vulnerability scanner
  ☆46Updated 3 years ago
• kh4sh3i / ElasticSearch-Pentesting
  ElasticSearch exploit and Pentesting guide for penetration tester
  ☆22Updated 2 years ago
• snyff / Talks
  My talks...
  ☆23Updated last month
• sneakid / DC30-PhineasTalk
  Slides for the talk we presented as UniPi at DefCon's Red Team Village
  ☆23Updated 2 years ago
• ClickCyber / cve-2022-42889
  cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…
  ☆37Updated 2 years ago
• 3sjay / sploits
  some sploits
  ☆17Updated last month
• ethiack / CVE-2023-29007
  PoC repository for CVE-2023-29007
  ☆32Updated last year
• wrvenkat / burp-multistep-csrf-poc
  Burp extension to generate multi-step CSRF POC.
  ☆29Updated 5 years ago