NotSoSecure / Blacklist3r
project-blacklist3r
☆527Updated 2 weeks ago
Alternatives and similar repositories for Blacklist3r:
Users that are interested in Blacklist3r are comparing it to the libraries listed below
- IOXIDResolver.py from AirBus Security☆238Updated last year
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆351Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆595Updated 4 years ago
- mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…☆737Updated 4 years ago
- A super small jsp webshell with file upload capabilities.☆293Updated 3 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆853Updated 2 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆725Updated 3 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆604Updated last month
- List DTDs and generate XXE payloads using those local DTDs.☆620Updated last year
- Java RMI Vulnerability Scanner☆854Updated 8 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆589Updated last year
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆266Updated last month
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆176Updated 2 years ago
- Password spraying and bruteforcing tool for Active Directory Domain Services☆360Updated 4 months ago
- Standalone binaries for Linux/Windows of Impacket's examples☆727Updated last year
- Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Proj…☆276Updated last year
- JMX enumeration and attacking tool.☆422Updated 2 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆428Updated 2 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆530Updated 2 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆759Updated last year
- Combined port scanning w/ Masscan's speed & Nmap's scanning features.☆148Updated 2 years ago
- Utility to enumerate users, groups and computers from a Windows domain through LDAP queries☆370Updated 3 years ago
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel☆610Updated 8 months ago
- Active Directory ACL exploitation with BloodHound☆716Updated 3 years ago
- ☆281Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆857Updated 3 years ago
- Exploit Code for CVE-2020-1472 aka Zerologon☆382Updated 4 years ago
- ☆766Updated 2 years ago
- PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…☆972Updated 9 months ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆256Updated 2 years ago