NotSoSecure / Blacklist3r
project-blacklist3r
☆499Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Blacklist3r
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆348Updated 2 years ago
- IOXIDResolver.py from AirBus Security☆220Updated last year
- Java RMI Vulnerability Scanner☆828Updated 4 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆527Updated 9 months ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆585Updated 3 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆803Updated last year
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆584Updated last year
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆176Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆611Updated 9 months ago
- JMX enumeration and attacking tool.☆392Updated last month
- Standalone binaries for Linux/Windows of Impacket's examples☆718Updated last year
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆712Updated 3 years ago
- PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…☆924Updated 5 months ago
- Exfiltrate blind remote code execution output over DNS via Burp Collaborator.☆249Updated 2 weeks ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆665Updated 2 months ago
- A super small jsp webshell with file upload capabilities.☆290Updated 3 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆496Updated 2 years ago
- Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Proj…☆263Updated last year
- Extracts Key Values from .keytab files☆215Updated 4 years ago
- ☆734Updated 2 years ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆354Updated last month
- ☆290Updated 4 months ago
- Python version of the C# tool for "Shadow Credentials" attacks☆608Updated this week
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆726Updated 11 months ago
- Active Directory ACL exploitation with BloodHound☆703Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆804Updated 2 years ago
- Recover the default privilege set of a LOCAL/NETWORK SERVICE account☆575Updated 4 years ago
- Tools for Kerberos PKINIT and relaying to AD CS☆636Updated 7 months ago
- A library for detecting known secrets across many web frameworks☆520Updated this week
- ☆278Updated 3 years ago