Paradoxis / Flask-UnsignLinks
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
☆566Updated 8 months ago
Alternatives and similar repositories for Flask-Unsign
Users that are interested in Flask-Unsign are comparing it to the libraries listed below
Sorting:
- ☆867Updated 2 years ago
- Deriving RSA public keys from message-signature pairs☆330Updated last year
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆255Updated 8 months ago
- 🎯 Server Side Template Injection Payloads☆676Updated last year
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆312Updated last year
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆397Updated 2 years ago
- Java RMI Vulnerability Scanner☆883Updated last year
- HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite☆762Updated 2 weeks ago
- BChecks collection for Burp Suite Professional and Burp Suite DAST☆706Updated 2 weeks ago
- Simple DNS Rebinding Service☆674Updated 5 years ago
- ☆909Updated 4 months ago
- A library for parsing .DS_Store files and extracting file names☆479Updated 4 years ago
- Automatic SSTI detection tool with interactive interface☆1,137Updated 3 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆882Updated 3 years ago
- Because just a dark theme wasn't enough!☆572Updated 7 months ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆373Updated 11 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆632Updated last year
- A cheatsheet for exploiting server-side SVG processors.☆749Updated 5 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆132Updated 5 years ago
- Flask Session Cookie Decoder/Encoder☆708Updated 5 months ago
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …☆284Updated 11 months ago
- Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)☆396Updated 5 years ago
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆222Updated 9 months ago
- Magic hashes – PHP hash "collisions"☆784Updated 4 months ago
- Sudo Baron Samedit Exploit☆765Updated 3 years ago
- ☆407Updated 3 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆634Updated last year
- CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator☆271Updated 2 years ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆742Updated 3 years ago
- Decode All Bases - Base Scheme Decoder☆563Updated 2 years ago