EnableSecurity / Webapp-Exploit-Payloads
a collection of payloads for common webapps
☆73Updated 11 years ago
Alternatives and similar repositories for Webapp-Exploit-Payloads:
Users that are interested in Webapp-Exploit-Payloads are comparing it to the libraries listed below
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- Disrupt WAF by abusing SSL/TLS Ciphers☆48Updated 6 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆58Updated 7 years ago
- Listing subdomains about a main domain☆58Updated 6 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 7 years ago
- Various tools for managing bug bounty recon and exploration.☆47Updated 2 years ago
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆67Updated 10 months ago
- WhiteBox CMS analysis☆69Updated last year
- ☆47Updated 9 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- Tool for checking Whether a domain or its multiple sub-domains are up and running.☆72Updated 6 years ago
- Subdomain brute force focused on speed and data serialization☆74Updated 2 years ago
- Advanced XPath Injection Tool☆34Updated 9 years ago
- PHP tool to test XSS☆22Updated 5 years ago
- Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS☆83Updated 2 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆82Updated 7 years ago
- A collection of Nmap NSE scripts that I made.☆27Updated 12 years ago
- Web shells for use in penetration testing☆39Updated 10 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- Just a silly recon tool that uses data from SSL Certificates to find potential host names☆30Updated last year
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 7 years ago
- OSCP related stuff ^_^ - Try Harder!☆9Updated 6 years ago
- This is a Firefox WebExtension that monitors the browsing activity and automatically perform an automated XSS vulnerability scan by submi…☆19Updated 8 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 6 years ago
- Dumain Bruteforcer - a fast and flexible domain bruteforcer☆53Updated 6 years ago
- XSS Payloads☆49Updated 9 years ago
- Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.☆45Updated 4 years ago
- BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework☆26Updated 8 years ago