This repo contains all the injections mentioned in my talk and enumerators.
☆136Dec 1, 2023Updated 2 years ago
Alternatives and similar repositories for portable-data-exfiltration
Users that are interested in portable-data-exfiltration are comparing it to the libraries listed below
Sorting:
- Pythonize Intruder Payload☆13Dec 15, 2020Updated 5 years ago
- SolarWinds Orion Platform ActionPluginBaseView 反序列化RCE☆47Oct 23, 2021Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- ☆95Sep 18, 2021Updated 4 years ago
- Updated version of SWFIntruder☆27Aug 16, 2016Updated 9 years ago
- This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse pr…☆14Feb 20, 2023Updated 3 years ago
- get the http allowed methods for URLs list☆13Feb 22, 2021Updated 5 years ago
- Study notes on Windows NTLM Reflection and token stealing based EOPs.☆20May 5, 2021Updated 4 years ago
- Writeup for the challenges in H@cktivityCon CTF 2020☆17Aug 6, 2020Updated 5 years ago
- woodpecker框架专用bcel库☆12Apr 30, 2021Updated 4 years ago
- some codeql rules☆15Apr 6, 2020Updated 5 years ago
- ☆20Jan 12, 2022Updated 4 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- ☆563Mar 27, 2025Updated 11 months ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆277Jan 28, 2025Updated last year
- Cloud Discovery - brute force public AWS, GCP, Alibaba, and Azure cloud services☆24Jan 21, 2021Updated 5 years ago
- Scan and categorize websites for rapid triage☆12Jun 23, 2022Updated 3 years ago
- ☆148Feb 17, 2022Updated 4 years ago
- Simple "postMessage logger" Chrome extension☆103May 2, 2020Updated 5 years ago
- Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.☆37Jul 7, 2020Updated 5 years ago
- Burp Suite Extension to monitor new scope☆16Mar 31, 2021Updated 4 years ago
- CVEs and Techniques used PDF as an attack vector.☆111Jul 5, 2022Updated 3 years ago
- This repository presents a proof-of-concept of CVE-2024-23897☆16Apr 16, 2024Updated last year
- ☆16May 3, 2021Updated 4 years ago
- The scripts helps security analsts to identify misconfigured firebase instances.☆234Aug 9, 2022Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,063Jan 2, 2024Updated 2 years ago
- 🧠碎片化知识☆16Aug 26, 2020Updated 5 years ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- A tool for testing subdomain takeover possibilities at a mass scale.☆50May 23, 2021Updated 4 years ago
- Burp extension to automatically drop requests that match a certain regex.☆10Mar 10, 2023Updated 3 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Jul 22, 2021Updated 4 years ago
- DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SS…☆28Aug 22, 2020Updated 5 years ago
- The dexdump tool☆17Dec 27, 2013Updated 12 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- HTTP Request Smuggling Detection Tool☆536Dec 21, 2023Updated 2 years ago
- The iOS Reloader is a weaponizing tool for jailbroken iOS devices. It facilitates the installation of a collection of tools on iOS device…☆17Sep 15, 2025Updated 6 months ago
- PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)☆226Sep 29, 2020Updated 5 years ago
- Adobe Experience Manager Vulnerability Scanner☆186May 22, 2023Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year