DNS Rebinding Exploitation Framework
☆493Apr 27, 2021Updated 5 years ago
Alternatives and similar repositories for dref
Users that are interested in dref are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆501Oct 2, 2021Updated 4 years ago
- A DNS rebinding attack framework.☆1,297Apr 26, 2026Updated last month
- A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)☆661Dec 17, 2021Updated 4 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,498Oct 12, 2024Updated last year
- WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application cont…☆350Aug 27, 2018Updated 7 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A Burp Suite content discovery plugin that add the smart into the Buster!☆379Oct 12, 2020Updated 5 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Jun 1, 2018Updated 8 years ago
- Remote Recon and Collection☆461Nov 23, 2017Updated 8 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆661Feb 1, 2025Updated last year
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment☆1,189Oct 24, 2018Updated 7 years ago
- Probe a rendering engine for vulnerabilities and other features☆365Oct 13, 2021Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- Payload Generation Framework☆1,984Aug 21, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Automatic tool for DNS rebinding-based SSRF attacks☆306Aug 21, 2020Updated 5 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,805Apr 26, 2024Updated 2 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- ☆210Jan 30, 2019Updated 7 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆266Nov 18, 2021Updated 4 years ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,123Feb 10, 2021Updated 5 years ago
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆892Feb 23, 2026Updated 3 months ago
- Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.☆944May 8, 2019Updated 7 years ago
- An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector☆1,020Sep 11, 2017Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- a CLI for ephemeral penetration testing☆17Dec 10, 2019Updated 6 years ago
- DNS rebinding toolkit☆254May 22, 2023Updated 3 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆744May 4, 2019Updated 7 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,170Dec 16, 2024Updated last year
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,159Apr 21, 2024Updated 2 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆324Apr 8, 2023Updated 3 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆277Feb 11, 2021Updated 5 years ago
- Security Tool to Look For Interesting Files in S3 Buckets☆1,462Apr 10, 2024Updated 2 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,296Aug 18, 2025Updated 9 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A tool to elevate privilege with Windows Tokens☆1,066Oct 6, 2023Updated 2 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆266Nov 30, 2018Updated 7 years ago
- A script to enumerate virtual hosts on a server.☆693Dec 28, 2017Updated 8 years ago
- ☆2,324Dec 8, 2023Updated 2 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,108Nov 3, 2017Updated 8 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆341Aug 23, 2019Updated 6 years ago
- DNS-Persist is a post-exploitation agent which uses DNS for command and control.☆208Nov 20, 2017Updated 8 years ago