EnableSecurity / Webapp-Exploit-Payloads
a collection of payloads for common webapps
☆73Updated 11 years ago
Alternatives and similar repositories for Webapp-Exploit-Payloads:
Users that are interested in Webapp-Exploit-Payloads are comparing it to the libraries listed below
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 7 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆51Updated 4 years ago
- Various tools for managing bug bounty recon and exploration.☆47Updated 2 years ago
- Web shells for use in penetration testing☆39Updated 9 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆58Updated 7 years ago
- Disrupt WAF by abusing SSL/TLS Ciphers☆48Updated 6 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- HTTPoxy Exploit Scanner by 1N3 @CrowdShield☆104Updated 7 years ago
- WhiteBox CMS analysis☆69Updated last year
- OWASP Skanda - SSRF Exploitation Framework☆37Updated 11 years ago
- Subdomain brute force focused on speed and data serialization☆75Updated 2 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- Dumain Bruteforcer - a fast and flexible domain bruteforcer☆53Updated 6 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 6 years ago
- Advanced XPath Injection Tool☆34Updated 9 years ago
- Spray SMB with hashes, Then psexec☆32Updated 5 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 7 years ago
- TheDoc is a simple but very useful SQLMAP automator with built in admin finder, hash cracker(using hashca) and more!☆98Updated 6 years ago
- PAVELOW Exploit Toolbox is a BASH script that corresponds with your KALI distro to better help your vulnerability hunting and exploiting …☆87Updated 6 years ago
- Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS☆83Updated 2 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 7 years ago
- BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework☆26Updated 7 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 8 years ago
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆67Updated 8 months ago
- Discovers and exploits hosts vulnerable to MS08-067/MS17-010☆41Updated 6 years ago
- Listing subdomains about a main domain☆58Updated 6 years ago
- Tool for checking Whether a domain or its multiple sub-domains are up and running.☆72Updated 6 years ago
- Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords☆51Updated 7 years ago
- Reconnaissance scripts for penetration testing☆57Updated 9 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago