PortSwigger / psycho-pathLinks
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆19Updated 6 years ago
Alternatives and similar repositories for psycho-path
Users that are interested in psycho-path are comparing it to the libraries listed below
Sorting:
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- Security test tool for Blind XSS☆26Updated 5 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆41Updated 4 years ago
- A burp extension to generate sqlmap PoC from target HTTP request.☆28Updated 8 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- burp extender for fuzzing☆10Updated 6 years ago
- ☆32Updated 6 years ago
- Auto Recon Bash Script☆31Updated 5 months ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Updated 5 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- web-based-fuzzer☆32Updated 4 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- Subvenkon is a subdomain enumerator from Venkon☆23Updated 5 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆17Updated 5 years ago
- ☆22Updated 3 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- ☆1Updated 4 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆36Updated last year
- Just a simple SMTP server, implementation of @corpix smtpd library☆15Updated 5 years ago
- This is a small extension to make graphql readable☆30Updated 6 years ago
- Burp Intruder File Payload Generator☆18Updated 5 years ago
- CVE, reports, research☆17Updated 4 years ago
- CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE☆32Updated 5 years ago
- Burp extension to generate multi-step CSRF POC.☆30Updated 5 years ago
- A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.☆19Updated 6 years ago
- Tool to try multiple paths for PHPunit RCE CVE-2017-9841☆26Updated 3 years ago
- ☆36Updated 5 months ago
- Tool to find stored robots.txt files from the past☆18Updated 2 years ago
- List of nearly 7 lakhs subdomains in scope probed using httpx to feed to nuclei☆8Updated 4 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago