"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆138Dec 22, 2017Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Microsoft Office / COM Object DLL Planting☆15May 14, 2016Updated 9 years ago
- BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener☆343Aug 14, 2022Updated 3 years ago
- Overwrite C/C++ functions in memory for x86-32/64 on Linux, Mac & Windows☆15Jun 12, 2023Updated 2 years ago
- A tool to visually snapshot a website by supplying multiple user-agent. Designed to aid in discovery of different entry points into an ap…☆30May 6, 2016Updated 9 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆110Sep 26, 2017Updated 8 years ago
- ☆11Mar 11, 2015Updated 11 years ago
- Cgiemail - Source Code Disclosure/LFI☆16Oct 21, 2016Updated 9 years ago
- Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.☆32Nov 29, 2015Updated 10 years ago
- An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically☆496Sep 21, 2021Updated 4 years ago
- Windows login backdoor diagnostic tool☆11Apr 2, 2017Updated 8 years ago
- BrowserExploit is an advanced browser exploit pack for doing internal and external pentesting, helping gaining access to internal compute…☆332Apr 19, 2017Updated 8 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆278Feb 12, 2021Updated 5 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 7 years ago
- A tool to extract database data from a blind SQL injection vulnerability.☆32Jan 4, 2016Updated 10 years ago
- library and intepreter for penetration testing tools☆30Apr 10, 2016Updated 9 years ago
- An example of obtaining RCE via Redis and CSRF☆76Sep 11, 2016Updated 9 years ago
- Local enumeration and exploitation framework.☆18Aug 16, 2017Updated 8 years ago
- DNS TCP to UDP proxy☆10Jul 19, 2015Updated 10 years ago
- BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.☆176Dec 1, 2022Updated 3 years ago
- PLASMA PULSAR☆70May 19, 2017Updated 8 years ago
- Certified Edible Dinosaurs official CTF toolkit☆119Apr 2, 2018Updated 7 years ago
- DNSDelivery provides delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.☆145Oct 6, 2019Updated 6 years ago
- WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …☆491Oct 3, 2024Updated last year
- ☆74Jul 13, 2022Updated 3 years ago
- Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)☆114Jun 23, 2016Updated 9 years ago
- A RAT (Remote Administration Tool) using port-knocking techniques for *NIX systems I wrote in 2006 but still works in 2017. libpcap-based…☆49May 3, 2017Updated 8 years ago
- A small python script to check for Cross-Site Tracing (XST)☆133Jan 23, 2016Updated 10 years ago
- ☆13Feb 25, 2014Updated 12 years ago
- Distributed password cracker for operating over high latency networks of loosely coupled hosts.☆13Jul 30, 2013Updated 12 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆426Feb 18, 2020Updated 6 years ago
- Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow☆92Apr 20, 2017Updated 8 years ago
- LD_PRELOAD rootkit utils☆16Jul 3, 2015Updated 10 years ago
- Windows Privesc Check☆20May 20, 2014Updated 11 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆761Jan 28, 2019Updated 7 years ago
- Go library and command line to seek for secrets on various sources.☆242Nov 14, 2019Updated 6 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Jun 8, 2017Updated 8 years ago
- Python and Powershell internal penetration testing framework☆720Feb 22, 2016Updated 10 years ago