PortSwigger / psycho-path
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆19Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for psycho-path
- ☆31Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 6 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated last year
- Insecure Deserialization, PDF and lab☆17Updated 5 years ago
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…☆44Updated 3 years ago
- A burp extension to generate sqlmap PoC from target HTTP request.☆28Updated 7 years ago
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆13Updated 5 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- ☆0Updated 4 years ago
- RAS(RAndom Subdomain) Fuzzer☆43Updated 4 years ago
- This script is intended to automate your reconnaissance process in an organized fashion☆38Updated 5 years ago
- web-based-fuzzer☆32Updated 4 years ago
- This changes the style of Burp Suite's Repeater tabs to help the testers☆28Updated 5 years ago
- CVE, reports, research☆17Updated 3 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 4 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆39Updated 3 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Updated 5 years ago
- PHP tool to test XSS☆23Updated 5 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆22Updated 7 years ago
- XXE Injection Payloads☆27Updated 5 years ago
- Auto Recon Bash Script☆30Updated 4 years ago
- Burp Intruder File Payload Generator☆18Updated 5 years ago
- Burp extension to generate multi-step CSRF POC.☆29Updated 5 years ago
- An entry level resource to learning bug bounty.☆24Updated 6 years ago