NotSoSecure / Blacklist3r

Related projects ⓘ

Alternatives and complementary repositories for Blacklist3r

• noperator / CVE-2019-18935
  RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
  ☆348Updated 2 years ago
• mubix / IOXIDResolver
  IOXIDResolver.py from AirBus Security
  ☆220Updated last year
• qtc-de / remote-method-guesser
  Java RMI Vulnerability Scanner
  ☆828Updated 4 months ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆527Updated 9 months ago
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆585Updated 3 years ago
• Ridter / noPac
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆803Updated last year
• 0xacb / viewgen
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆584Updated last year
• pimps / ysoserial-modified
  That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
  ☆176Updated 2 years ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆611Updated 9 months ago
• qtc-de / beanshooter
  JMX enumeration and attacking tool.
  ☆392Updated last month
• ropnop / impacket_static_binaries
  Standalone binaries for Linux/Windows of Impacket's examples
  ☆718Updated last year
• synacktiv / HopLa
  HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
  ☆712Updated 3 years ago
• leechristensen / SpoolSample
  PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…
  ☆924Updated 5 months ago
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
  ☆249Updated 2 weeks ago
• skahwah / SQLRecon
  A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
  ☆665Updated 2 months ago
• SecurityRiskAdvisors / cmd.jsp
  A super small jsp webshell with file upload capabilities.
  ☆290Updated 3 years ago
• tothi / rbcd-attack
  Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
  ☆496Updated 2 years ago
• nccgroup / GTFOBLookup
  Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Proj…
  ☆263Updated last year
• sosdave / KeyTabExtract
  Extracts Key Values from .keytab files
  ☆215Updated 4 years ago
• Wh04m1001 / DFSCoerce
  ☆734Updated 2 years ago
• volkandindar / agartha
  A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…
  ☆354Updated last month
• hausec / ProxyLogon
  ☆290Updated 4 months ago
• ShutdownRepo / pywhisker
  Python version of the C# tool for "Shadow Credentials" attacks
  ☆608Updated this week
• zcgonvh / EfsPotato
  Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
  ☆726Updated 11 months ago
• fox-it / aclpwn.py
  Active Directory ACL exploitation with BloodHound
  ☆703Updated 3 years ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆804Updated 2 years ago
• itm4n / FullPowers
  Recover the default privilege set of a LOCAL/NETWORK SERVICE account
  ☆575Updated 4 years ago
• dirkjanm / PKINITtools
  Tools for Kerberos PKINIT and relaying to AD CS
  ☆636Updated 7 months ago
• blacklanternsecurity / badsecrets
  A library for detecting known secrets across many web frameworks
  ☆520Updated this week
• httpvoid / CVE-Reverse
  ☆278Updated 3 years ago