Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
☆650Dec 3, 2024Updated last year
Alternatives and similar repositories for Flask-Unsign
Users that are interested in Flask-Unsign are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Flask Session Cookie Decoder/Encoder☆774Feb 8, 2025Updated last year
- ☆1,041Jan 23, 2023Updated 3 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,387Apr 18, 2023Updated 3 years ago
- 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.☆977Jan 10, 2025Updated last year
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,833Sep 29, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,664May 1, 2025Updated last year
- ☆350Jan 24, 2023Updated 3 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,919Dec 4, 2025Updated 6 months ago
- Automatically converts Python source code to Pickle opcode☆168Jan 2, 2025Updated last year
- Java RMI Vulnerability Scanner☆919Jul 3, 2024Updated last year
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆330Jun 2, 2024Updated 2 years ago
- JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP S…☆940Sep 2, 2025Updated 9 months ago
- 专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF☆1,285Updated this week
- Redis(<=5.0.5) RCE☆1,160Sep 24, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Monitor linux processes without root permissions☆6,066Mar 1, 2026Updated 3 months ago
- Simple HS256, HS384 & HS512 JWT token brute force cracker.☆1,172Jul 13, 2024Updated last year
- Deserialization payload generator for a variety of .NET formatters☆3,734Jun 11, 2026Updated last week
- A tool to perform Kerberos pre-auth bruteforcing☆3,352Aug 20, 2024Updated last year
- ☆3,690Jan 9, 2025Updated last year
- Fast web fuzzer written in Go☆16,247Apr 26, 2026Updated last month
- Prototype Pollution and useful Script Gadgets☆1,634Jan 27, 2024Updated 2 years ago
- BloodyAD is an Active Directory Privilege Escalation Framework☆2,209May 13, 2026Updated last month
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,169Apr 21, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- RunasCs - Csharp and open version of windows builtin runas.exe☆1,397Jul 12, 2024Updated last year
- exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF☆266Aug 14, 2024Updated last year
- JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)☆2,812Mar 22, 2023Updated 3 years ago
- JWT brute force cracker written in C☆2,548Jun 2, 2023Updated 3 years ago
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,372Nov 18, 2021Updated 4 years ago
- Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.☆1,596Mar 4, 2024Updated 2 years ago
- A tool to dump a git repository from a website☆2,552May 11, 2026Updated last month
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆242Oct 8, 2024Updated last year
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆768Dec 2, 2022Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Web CTF CheatSheet 🐈☆2,974Oct 28, 2025Updated 7 months ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆19,991Jun 8, 2026Updated last week
- Kerberos relaying and unconstrained delegation abuse toolkit☆1,610Mar 11, 2026Updated 3 months ago
- Impacket is a collection of Python classes for working with network protocols.☆15,807Jun 11, 2026Updated last week
- Magic hashes – PHP hash "collisions"☆834Mar 23, 2025Updated last year
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆147Oct 27, 2019Updated 6 years ago
- 纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY …☆831Sep 18, 2023Updated 2 years ago