Script to test if a server is vulnerable to the JetLeak vulnerability
☆144Jul 1, 2016Updated 9 years ago
Alternatives and similar repositories for Jetleak-Testing-Script
Users that are interested in Jetleak-Testing-Script are comparing it to the libraries listed below
Sorting:
- Penetration Testing Tools Developed by AppSec Consulting.☆48Dec 7, 2018Updated 7 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Apr 18, 2017Updated 8 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,135Dec 16, 2024Updated last year
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- PoC for CVE-2018-1002105.☆222Dec 21, 2018Updated 7 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆13Dec 17, 2018Updated 7 years ago
- a poc framework to test hosts via zoomeye sdk☆32Jun 26, 2017Updated 8 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43May 1, 2020Updated 5 years ago
- A tiny and cute URL fuzzer☆402Nov 10, 2022Updated 3 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,516Jan 21, 2020Updated 6 years ago
- ☆162Dec 7, 2017Updated 8 years ago
- A Java serializer in JavaScript☆80May 21, 2018Updated 7 years ago
- Pillage a git repo found in an accessible web root☆61May 17, 2011Updated 14 years ago
- Stealing CSRF tokens with CSS injection (without iFrames)☆323Feb 7, 2018Updated 8 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆801Nov 7, 2021Updated 4 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.☆206Feb 15, 2024Updated 2 years ago
- a tiny tool for swf hacking, just browse it:)☆243Mar 13, 2013Updated 13 years ago
- An example of obtaining RCE via Redis and CSRF☆76Sep 11, 2016Updated 9 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- Java serialization brute force attack tool.☆123Aug 18, 2017Updated 8 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- CVE-2017-10271 POC☆29Jan 10, 2018Updated 8 years ago
- ☆276Oct 19, 2021Updated 4 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 7 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- An exploit for Apache Struts CVE-2018-11776☆302Aug 26, 2018Updated 7 years ago
- St2-057 Poc Example☆310Aug 25, 2018Updated 7 years ago
- Updated version of SWFIntruder☆27Aug 16, 2016Updated 9 years ago
- Scans crossdomain.xml policies for expired domain names.☆26Aug 4, 2015Updated 10 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,721Dec 1, 2024Updated last year
- Apache Solr Injection Research☆580Jan 28, 2020Updated 6 years ago