psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆19Jun 28, 2018Updated 7 years ago
Alternatives and similar repositories for psycho-path
Users that are interested in psycho-path are comparing it to the libraries listed below
Sorting:
- Windows Stack Based Auto Buffer Overflow Exploiter☆21Feb 19, 2021Updated 5 years ago
- ☆21Aug 3, 2022Updated 3 years ago
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- Python Reverse Shell Builder with some advanced functionalities☆10Feb 16, 2021Updated 5 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Sep 24, 2019Updated 6 years ago
- The aim of the project is to develop intentionally vulnerable source code in various languages.☆15May 3, 2020Updated 5 years ago
- ☆11Oct 7, 2022Updated 3 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 2 years ago
- LFI/RFI scanner by Iman Karim (fimap.dev@gmail.com)☆10Jul 3, 2015Updated 10 years ago
- ☆16Oct 30, 2022Updated 3 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Learn what is NoSQL injection and how to find them ?☆10Jul 22, 2021Updated 4 years ago
- Misc. Public Reports of Penetration Testing and Security Audits.☆35Jan 8, 2021Updated 5 years ago
- ⚡ Golang library for quick make pentest tools☆15Apr 7, 2025Updated 10 months ago
- The Repository contains various payloads, tools, tips and tricks from various hackers around the world. Please take a quick look down her…☆15May 15, 2025Updated 9 months ago
- stdin writes to slack☆14Feb 8, 2020Updated 6 years ago
- Simple command shell collections☆35Mar 7, 2021Updated 4 years ago
- The list of files through which we can pop-up the java script alert box☆40Mar 5, 2018Updated 7 years ago
- Facebook Bug Bounties☆106Feb 24, 2021Updated 5 years ago
- shamelessly ripped from https://github.com/khalilbijjou/WAFNinja/☆19Dec 16, 2016Updated 9 years ago
- Notes and helper scripts/files/etc from when I passed my OSCP☆19Sep 17, 2019Updated 6 years ago
- Collection of content discovery wordlists in one wordlist.☆38Jan 18, 2022Updated 4 years ago
- ☆42Apr 18, 2023Updated 2 years ago
- A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.☆24Mar 11, 2024Updated last year
- Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Stock Management System v1.0 al…☆21Mar 30, 2021Updated 4 years ago
- My notes of Day1 Day2 will be posted here as journey☆17Jan 6, 2021Updated 5 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆38Nov 8, 2017Updated 8 years ago
- HTML source files demonstrating HTML5 postmessage vulnerabilities☆20Jul 26, 2020Updated 5 years ago
- Alias for storing ffuf results☆20May 23, 2020Updated 5 years ago
- A curated list of FOSS software appliances for building a SOC☆18Jan 11, 2021Updated 5 years ago
- LDAP Injection Vulnerability Application(Blog Sample Code)☆22Oct 4, 2018Updated 7 years ago
- ☆20Aug 15, 2020Updated 5 years ago
- Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Tailor Management System v1.0 a…�☆25Sep 2, 2020Updated 5 years ago
- ☆122Mar 27, 2017Updated 8 years ago
- ☆14Oct 1, 2021Updated 4 years ago
- Simple shell script for automated domain recognition with some tools☆20Mar 9, 2019Updated 6 years ago
- Active DIrectory Lab for Pentesting Practice☆24Aug 9, 2022Updated 3 years ago