a collection of payloads for common webapps
☆72Apr 24, 2013Updated 12 years ago
Alternatives and similar repositories for Webapp-Exploit-Payloads
Users that are interested in Webapp-Exploit-Payloads are comparing it to the libraries listed below
Sorting:
- Repository aimed to compile scripts and tools that can be used during penetration tests to assess the security of different flash related…☆10Jan 5, 2015Updated 11 years ago
- a CMD shell in masm that listens on port 8080☆12Dec 19, 2020Updated 5 years ago
- Spy Agency Teasing☆14Jan 2, 2015Updated 11 years ago
- This is a SOAP service written in C# that has intentional SQL injection vulnerabilties.☆21Nov 27, 2016Updated 9 years ago
- TFTP Theft is a tool which allows one to quickly scan/bruteforce a tftp server for files and download them instantly☆70Apr 20, 2016Updated 9 years ago
- ☆52Apr 14, 2015Updated 10 years ago
- Repository for proxenet plugins☆14Jun 14, 2016Updated 9 years ago
- Web Application Firewall For Limited Exploitation☆17Nov 15, 2017Updated 8 years ago
- OAuth plugin for Burp Suite Extender☆43Jun 27, 2018Updated 7 years ago
- Elasticsearch 1.4.0 < 1.4.2 Remote Code Execution exploit and vulnerable container☆32Apr 7, 2018Updated 7 years ago
- Shellcode tracer☆15Jun 12, 2016Updated 9 years ago
- This is my path to OSCP☆11Jun 16, 2018Updated 7 years ago
- Post Exploitation Linux Toolkit☆33Oct 19, 2016Updated 9 years ago
- Joomla User-Agent/X-Forwarded-For RCE☆17Feb 5, 2016Updated 10 years ago
- Broken web app intentionally built with pentesting obstacles☆15Jun 21, 2019Updated 6 years ago
- ☆11Mar 9, 2016Updated 9 years ago
- This work-in-progress "Orion Webshell Detector" was created with the intention of assisting web application code reviews coded in PHP, AS…☆13Oct 28, 2014Updated 11 years ago
- DNS TCP to UDP proxy☆10Jul 19, 2015Updated 10 years ago
- Exploit Dev Wiki☆13Dec 29, 2013Updated 12 years ago
- ☆17Oct 5, 2014Updated 11 years ago
- Basic app to practice modsec bypass☆22May 12, 2016Updated 9 years ago
- Cross-site request forgery Learning Platform☆21Sep 13, 2014Updated 11 years ago
- Python script to efficiently find files on UNIX like file systems with specific properties (quicker than find)☆19Jul 7, 2015Updated 10 years ago
- Clone of Metasploit's wiki w/ additions☆17Nov 22, 2015Updated 10 years ago
- Javascript library fuzzer. Tries to detect functions which may lead to XSS vulnerabilities if untrusted data is passed to said functions.☆16Oct 6, 2020Updated 5 years ago
- Clickjacking Proof-of-Concept Exploit☆25Oct 1, 2020Updated 5 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Aug 26, 2013Updated 12 years ago
- Anti-Anti-Automation Framework☆100Aug 18, 2014Updated 11 years ago
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆66May 16, 2024Updated last year
- Scripts, tools, and proof-of-concepts to aid in a penetration test.☆97Jul 9, 2020Updated 5 years ago
- XXE OOB Exploitation Toolset for Automation☆63Jan 20, 2014Updated 12 years ago
- ☆12Oct 16, 2017Updated 8 years ago
- Everything you need to exploit overly permissive crossdomain.xml files☆86Nov 12, 2014Updated 11 years ago
- Vulnerable Linux socket game for educational purposes☆22Apr 22, 2017Updated 8 years ago
- Generates a Windows 'vulnerable' machine from ISOs☆91Oct 7, 2013Updated 12 years ago
- A DB of known Web Application Admin URLS, Username/Password Combos and Exploits☆156Apr 22, 2015Updated 10 years ago
- Splunk Web Shell☆51Mar 25, 2015Updated 10 years ago
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26May 12, 2016Updated 9 years ago
- ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461☆48Mar 19, 2015Updated 10 years ago