PortSwigger/command-injection-attacker external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

PortSwigger/command-injection-attacker

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PortSwigger/command-injection-attacker)

Close

PortSwigger / command-injection-attackerView on GitHubMore

• External links
• Readme badge

SHELLING - a comprehensive OS command injection payload generator

☆110Jun 18, 2019Updated 6 years ago

Alternatives and similar repositories for command-injection-attacker

Users that are interested in command-injection-attacker are comparing it to the libraries listed below

• attackercan / burp-xss-sql-plugin

  View on GitHub
  ☆44Sep 28, 2016Updated 9 years ago
• JavanXD / Demo-Exploit-Jackson-RCE

  View on GitHub
  Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.
  ☆18Feb 21, 2019Updated 7 years ago
• syriusbughunt / CVE-2018-14667

  View on GitHub
  All about CVE-2018-14667; From what it is to how to successfully exploit it.
  ☆50Nov 30, 2018Updated 7 years ago
• 0utrider / malrecon

  View on GitHub
  MalRecon - Basic Malware Reconnaissance and Analysis Tool
  ☆26Jun 8, 2017Updated 8 years ago
• nccgroup / argumentinjectionhammer

  View on GitHub
  A Burp Extension designed to identify argument injection vulnerabilities.
  ☆122Apr 16, 2019Updated 6 years ago
• floyd-fuh / burp-HttpFuzzer

  View on GitHub
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Jan 31, 2017Updated 9 years ago
• samhaxr / XXRF-Shots

  View on GitHub
  XXRF Shots - Useful for testing SSRF vulnerability
  ☆74Feb 18, 2023Updated 3 years ago
• Coalfire-Research / java-deserialization-exploits

  View on GitHub
  A collection of curated Java Deserialization Exploits
  ☆591May 16, 2021Updated 4 years ago
• n4xh4ck5 / N4xD0rk

  View on GitHub
  Listing subdomains about a main domain
  ☆59May 9, 2018Updated 7 years ago
• RhinoSecurityLabs / SleuthQL

  View on GitHub
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆469Nov 14, 2019Updated 6 years ago
• BuffaloWill / oxml_xxe

  View on GitHub
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,130Dec 16, 2024Updated last year
• kapytein / jsonp

  View on GitHub
  jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.
  ☆154Feb 15, 2021Updated 5 years ago
• Tw1sm / nessporter

  View on GitHub
  Assists in mass exportation of Nessus scans
  ☆19Apr 20, 2018Updated 7 years ago
• kruegerrobotics / lan-monitor

  View on GitHub
  Simple website to display the LAN status based on a nmap scan
  ☆58Jan 5, 2023Updated 3 years ago
• PaulSec / CSRFT

  View on GitHub
  A lightweight CSRF Toolkit for easy Proof of concept
  ☆172Jun 11, 2014Updated 11 years ago
• devoteam-cybertrust / friOS

  View on GitHub
  iOS Frida Scripts
  ☆37Oct 2, 2017Updated 8 years ago
• tintinweb / aggroArgs

  View on GitHub
  Bruteforce commandline buffer overflows and automated exploit generation, linux, aggressive arguments
  ☆34Apr 10, 2022Updated 3 years ago
• shizzz477 / msploitego

  View on GitHub
  Pentesting suite for Maltego based on data in a Metasploit database
  ☆150Jun 24, 2018Updated 7 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab

  View on GitHub
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆42Mar 14, 2017Updated 8 years ago
• destine21 / ZIPFileRaider

  View on GitHub
  ZIP File Raider - Burp Extension for ZIP File Payload Testing
  ☆72Aug 31, 2020Updated 5 years ago
• pownjs / duct

  View on GitHub
  Essential tool for finding blind injection attacks.
  ☆50Feb 6, 2019Updated 7 years ago
• nikosdano / SSRF-Vulnerable-with-Curl

  View on GitHub
  This is the vulnerable "proxy" I used on this article: http://resources.infosecinstitute.com/the-ssrf-vulnerability/ . A simple, non-vali…
  ☆14Sep 20, 2016Updated 9 years ago
• TestingPens / MalwarePersistenceScripts

  View on GitHub
  A collection of scripts I've written to help red and blue teams with malware persistence techniques.
  ☆127May 30, 2018Updated 7 years ago
• mystech7 / Burp-Hunter

  View on GitHub
  XSS Hunter Burp Plugin
  ☆152Aug 31, 2018Updated 7 years ago
• migolovanov / libinjection-fuzzer

  View on GitHub
  This tool was written as PoC to article https://waf.ninja/libinjection-fuzz-to-bypass/
  ☆39Oct 13, 2017Updated 8 years ago
• jpiechowka / zip-shotgun

  View on GitHub
  Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
  ☆31May 31, 2019Updated 6 years ago
• khalilbijjou / WAFNinja

  View on GitHub
  WAFNinja is a tool which contains two functions to attack Web Application Firewalls.
  ☆822Dec 6, 2017Updated 8 years ago
• paulosgf / autoMetasploit

  View on GitHub
  Ruby script to automate metasploit scanning, exploitation, and post-exploitation
  ☆18Jul 4, 2020Updated 5 years ago
• jobertabma / virtual-host-discovery

  View on GitHub
  A script to enumerate virtual hosts on a server.
  ☆691Dec 28, 2017Updated 8 years ago
• torque59 / Nosql-Exploitation-Framework

  View on GitHub
  A Python Framework For NoSQL Scanning and Exploitation
  ☆602Dec 6, 2024Updated last year
• Fmk0 / scripts

  View on GitHub
  ☆102Jul 18, 2019Updated 6 years ago
• nccgroup / AutoRepeater

  View on GitHub
  Automated HTTP Request Repeating With Burp Suite
  ☆890Dec 15, 2021Updated 4 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,774Apr 26, 2024Updated last year
• ewilded / psychoPATH

  View on GitHub
  psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…
  ☆277Feb 12, 2021Updated 5 years ago
• bkth / optimize_rce_chakra

  View on GitHub
  keynote I gave at GreHack 2019
  ☆19Nov 17, 2019Updated 6 years ago
• screetsec / Microsploit

  View on GitHub
  Fast and easy create backdoor office exploitation using module metasploit packet , Microsoft Office , Open Office , Macro attack , Buffer…
  ☆443Jul 11, 2017Updated 8 years ago
• SpiderMate / B-XSSRF

  View on GitHub
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆293Aug 23, 2019Updated 6 years ago
• Shadowz3n / WPExploit

  View on GitHub
  WordPress auto exploit
  ☆29Dec 28, 2017Updated 8 years ago
• TypeError / domained

  View on GitHub
  Multi Tool Subdomain Enumeration
  ☆723Apr 11, 2021Updated 4 years ago