Script to test if a server is vulnerable to the JetLeak vulnerability
☆144Jul 1, 2016Updated 9 years ago
Alternatives and similar repositories for Jetleak-Testing-Script
Users that are interested in Jetleak-Testing-Script are comparing it to the libraries listed below
Sorting:
- Penetration Testing Tools Developed by AppSec Consulting.☆48Dec 7, 2018Updated 7 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.��☆518Jul 29, 2020Updated 5 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Apr 18, 2017Updated 8 years ago
- PoC for CVE-2018-1002105.☆222Dec 21, 2018Updated 7 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆13Dec 17, 2018Updated 7 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- A Java serializer in JavaScript☆80May 21, 2018Updated 7 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,130Dec 16, 2024Updated last year
- ☆162Dec 7, 2017Updated 8 years ago
- Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.☆206Feb 15, 2024Updated 2 years ago
- a poc framework to test hosts via zoomeye sdk☆32Jun 26, 2017Updated 8 years ago
- Collection of exploits/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)☆48Jul 17, 2018Updated 7 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- A tiny and cute URL fuzzer☆402Nov 10, 2022Updated 3 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- An exploit for Apache Struts CVE-2018-11776☆302Aug 26, 2018Updated 7 years ago
- Stealing CSRF tokens with CSS injection (without iFrames)☆322Feb 7, 2018Updated 8 years ago
- Java serialization brute force attack tool.☆123Aug 18, 2017Updated 8 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆799Nov 7, 2021Updated 4 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- a tiny tool for swf hacking, just browse it:)☆243Mar 13, 2013Updated 12 years ago
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,512Jan 21, 2020Updated 6 years ago
- An example of obtaining RCE via Redis and CSRF☆76Sep 11, 2016Updated 9 years ago
- CVE-2017-10271 POC☆29Jan 10, 2018Updated 8 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆379Oct 12, 2020Updated 5 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 7 years ago
- The great TCP Gender Changer (tgcd) tool compiled for Windows☆14Apr 18, 2016Updated 9 years ago
- ☆133Nov 6, 2015Updated 10 years ago
- St2-057 Poc Example☆310Aug 25, 2018Updated 7 years ago
- Scans crossdomain.xml policies for expired domain names.☆26Aug 4, 2015Updated 10 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java☆55Jul 21, 2016Updated 9 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago