FA-PengFei / NGWAF

Related projects ⓘ

Alternatives and complementary repositories for NGWAF

• Invicti-Security / web-inf-path-trav
  Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications
  ☆20Updated 2 years ago
• dwisiswant0 / cve-2023-50164-poc
  Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")
  ☆59Updated 11 months ago
• Moopinger / CLZero
  A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
  ☆85Updated 9 months ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• chaitin / mimicry
  Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
  ☆54Updated last year
• honoki / burp-digitalocean-openvpn-socks
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆47Updated 8 months ago
• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆50Updated 2 years ago
• OsmanKandemir / web-wordlist-generator
  WEB-Wordlist-Generator creates related wordlists after scanning your web applications.
  ☆43Updated 5 months ago
• Antonlovesdnb / DockerDetectionNotes
  Some of my rough notes for Docker threat detection
  ☆46Updated last year
• bassammaged / awsEnum
  Enumerate AWS cloud resources based on provided credential
  ☆50Updated 2 years ago
• saw-your-packet / EC2StepShell
  EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.
  ☆60Updated 2 months ago
• Rnalter / ThunderCloud
  Cloud Exploit Framework
  ☆112Updated 2 years ago
• ClickCyber / cve-2022-42889
  cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…
  ☆37Updated 2 years ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• haqqibrahim / Sling-Shot-R3con
  🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯
  ☆24Updated last year
• BishopFox / bigip-scanner
  Determine the running software version of a remote F5 BIG-IP management interface.
  ☆63Updated 10 months ago
• Macmod / goblob
  A fast enumeration tool for publicly exposed Azure Storage blobs.
  ☆78Updated last year
• h4wkst3r / Blackhat-USA-2022-Materials
  Presentation materials for my Black Hat USA 2022 Briefing and Arsenal talks
  ☆64Updated 2 years ago
• vulncheck-oss / cve-2023-36845-scanner
  A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845
  ☆60Updated 3 weeks ago
• jheeree / CVE-2022-1388-checker
  Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)
  ☆25Updated 2 years ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆48Updated 2 years ago
• projectdiscovery / network-fingerprint
  A fingerprint generation helper for nuclei network templates
  ☆71Updated 2 years ago
• stafordtituss / HazProne
  HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…
  ☆39Updated 2 years ago
• momika233 / Oracle-E-Business_Login
  ☆17Updated 2 years ago
• ambionics / vbulletin-exploits
  Exploits targeting vBulletin.
  ☆76Updated last year
• rio128128 / CVE-2023-27997-POC
  POC FortiOS SSL-VPN buffer overflow vulnerability
  ☆26Updated last year
• karthikuj / CVE-2022-31101
  Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)
  ☆26Updated 2 years ago
• HarshVaragiya / sslsearch
  Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
  ☆34Updated 10 months ago