Keramas / mssqli-duet
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
☆93Updated 4 years ago
Alternatives and similar repositories for mssqli-duet:
Users that are interested in mssqli-duet are comparing it to the libraries listed below
- RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2☆60Updated 3 years ago
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆39Updated 4 years ago
- "Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' l…☆80Updated 3 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆39Updated 3 years ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆55Updated 5 years ago
- Writeup of CVE-2020-15906☆47Updated 4 years ago
- A list of "secrets" from JWT sample code and readme files.☆54Updated 4 years ago
- Use normal web pentest tools to hack Websockets☆18Updated 5 years ago
- A bridge between masscan and nmap - run fast masscan, parse output, execute nmap using masscan as input☆28Updated 3 months ago
- A tool for creating proxy dll for hijacking☆42Updated 4 months ago
- CVE-2018-9276 PRTG < 18.2.39 Authenticated Command Injection (Reverse Shell)☆36Updated 4 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆62Updated 3 years ago
- Exploits developed by Mikael Kall☆47Updated last year
- CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit☆155Updated 4 years ago
- TheCl0n3r will allow you to download and manage your git repositories.☆51Updated 4 years ago
- DO NOT RUN THIS.☆47Updated 3 years ago
- A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…☆61Updated 6 years ago
- ☆45Updated 7 years ago
- Cheat sheet☆38Updated 5 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆93Updated 2 years ago
- CVE-2018-17246 - Kibana LFI < 6.4.3 & 5.6.13☆63Updated 5 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆75Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Updated 4 years ago
- A Web-UI for subdomain enumeration (subfinder)☆54Updated 4 years ago
- A Red Team tool for exfiltrating sensitive data from Jira tickets.☆84Updated 2 years ago
- Gopher Tomcat Deployer☆47Updated 6 years ago
- learning case to prepare OSWE☆37Updated 5 years ago
- A web shell for pivoting and lateral movement☆33Updated 7 years ago
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆54Updated 4 years ago