"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆138Dec 22, 2017Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below
Sorting:
- Microsoft Office / COM Object DLL Planting☆15May 14, 2016Updated 9 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆109Sep 26, 2017Updated 8 years ago
- BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener☆345Aug 14, 2022Updated 3 years ago
- Windows login backdoor diagnostic tool☆11Apr 2, 2017Updated 8 years ago
- DNS TCP to UDP proxy☆10Jul 19, 2015Updated 10 years ago
- A tool to extract database data from a blind SQL injection vulnerability.☆32Jan 4, 2016Updated 10 years ago
- A tool to visually snapshot a website by supplying multiple user-agent. Designed to aid in discovery of different entry points into an ap…☆30May 6, 2016Updated 9 years ago
- An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically☆496Sep 21, 2021Updated 4 years ago
- Overwrite C/C++ functions in memory for x86-32/64 on Linux, Mac & Windows☆15Jun 12, 2023Updated 2 years ago
- library and intepreter for penetration testing tools☆30Apr 10, 2016Updated 9 years ago
- BrowserExploit is an advanced browser exploit pack for doing internal and external pentesting, helping gaining access to internal compute…☆332Apr 19, 2017Updated 8 years ago
- WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …☆491Oct 3, 2024Updated last year
- Distributed password cracker for operating over high latency networks of loosely coupled hosts.☆13Jul 30, 2013Updated 12 years ago
- ☆11Mar 11, 2015Updated 10 years ago
- Local enumeration and exploitation framework.☆18Aug 16, 2017Updated 8 years ago
- Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.☆32Nov 29, 2015Updated 10 years ago
- Cgiemail - Source Code Disclosure/LFI☆16Oct 21, 2016Updated 9 years ago
- An example of obtaining RCE via Redis and CSRF☆76Sep 11, 2016Updated 9 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.☆176Dec 1, 2022Updated 3 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 7 years ago
- LD_PRELOAD rootkit utils☆16Jul 3, 2015Updated 10 years ago
- Certified Edible Dinosaurs official CTF toolkit☆119Apr 2, 2018Updated 7 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- PLASMA PULSAR☆70May 19, 2017Updated 8 years ago
- Some sample code from my Zero Nights 2017 presentation.☆60Nov 19, 2017Updated 8 years ago
- Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow☆92Apr 20, 2017Updated 8 years ago
- ☆13Feb 25, 2014Updated 12 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆277Feb 12, 2021Updated 5 years ago
- Tool that dumps beacon frames to a pcap file. Works on Windows Vista or Later with any Wireless Card.☆27Mar 19, 2022Updated 3 years ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆760Jan 28, 2019Updated 7 years ago
- Windows Privesc Check☆20May 20, 2014Updated 11 years ago
- An offensive bash script which tries to find GENERIC privesc vulnerabilities and issues.☆13Oct 17, 2017Updated 8 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- A RAT (Remote Administration Tool) using port-knocking techniques for *NIX systems I wrote in 2006 but still works in 2017. libpcap-based…☆49May 3, 2017Updated 8 years ago
- An environment for comprehensive, automated analysis of web-based exploits, based on Cuckoo sandbox.☆124Aug 10, 2015Updated 10 years ago
- Python and Powershell internal penetration testing framework☆720Feb 22, 2016Updated 10 years ago
- Go library and command line to seek for secrets on various sources.☆242Nov 14, 2019Updated 6 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆266Jul 6, 2017Updated 8 years ago