Alternatives and similar repositories for Blacklist3r:

Users that are interested in Blacklist3r are comparing it to the libraries listed below

• noperator / CVE-2019-18935
  RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
  ☆353Updated 2 years ago
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆595Updated 3 years ago
• 0xacb / viewgen
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆599Updated 2 weeks ago
• Ridter / noPac
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆843Updated 2 years ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆619Updated last year
• ropnop / impacket_static_binaries
  Standalone binaries for Linux/Windows of Impacket's examples
  ☆727Updated last year
• mubix / IOXIDResolver
  IOXIDResolver.py from AirBus Security
  ☆229Updated last year
• pimps / ysoserial-modified
  That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
  ☆177Updated 2 years ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆580Updated last year
• SecurityRiskAdvisors / cmd.jsp
  A super small jsp webshell with file upload capabilities.
  ☆294Updated 3 years ago
• blackarrowsec / mssqlproxy
  mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…
  ☆739Updated 4 years ago
• leechristensen / SpoolSample
  PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…
  ☆959Updated 8 months ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆846Updated 3 years ago
• tothi / rbcd-attack
  Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
  ☆518Updated 2 years ago
• qtc-de / remote-method-guesser
  Java RMI Vulnerability Scanner
  ☆851Updated 7 months ago
• Wh04m1001 / DFSCoerce
  ☆760Updated 2 years ago
• nccgroup / GTFOBLookup
  Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Proj…
  ☆273Updated last year
• synacktiv / HopLa
  HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
  ☆722Updated 3 years ago
• itm4n / FullPowers
  Recover the default privilege set of a LOCAL/NETWORK SERVICE account
  ☆596Updated 4 years ago
• qtc-de / beanshooter
  JMX enumeration and attacking tool.
  ☆417Updated 3 weeks ago
• VoidSec / CVE-2020-1472
  Exploit Code for CVE-2020-1472 aka Zerologon
  ☆382Updated 4 years ago
• dirkjanm / adidnsdump
  Active Directory Integrated DNS dumping by any authenticated user
  ☆973Updated 2 months ago
• ShutdownRepo / targetedKerberoast
  Kerberoast with ACL abuse capabilities
  ☆406Updated 2 months ago
• TarlogicSecurity / kerbrute
  An script to perform kerberos bruteforcing by using impacket
  ☆445Updated 2 years ago
• FuzzySecurity / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆740Updated last year
• blackarrowsec / redteam-research
  Collection of PoC and offensive techniques used by the BlackArrow Red Team
  ☆1,098Updated 7 months ago
• AlmondOffSec / PassTheCert
  Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆596Updated 7 months ago
• dirkjanm / PrivExchange
  Exchange your privileges for Domain Admin privs by abusing Exchange
  ☆996Updated 5 years ago
• the-useless-one / pywerview
  A (partial) Python rewriting of PowerSploit's PowerView
  ☆950Updated 2 months ago
• fox-it / aclpwn.py
  Active Directory ACL exploitation with BloodHound
  ☆714Updated 3 years ago