WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)
☆62Jun 27, 2025Updated 8 months ago
Alternatives and similar repositories for wconsole_extractor
Users that are interested in wconsole_extractor are comparing it to the libraries listed below
Sorting:
- This tool allows to automatically test for Content Security Policy bypass payloads.☆44Sep 4, 2024Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆149Dec 9, 2024Updated last year
- ☆10Jan 8, 2023Updated 3 years ago
- This website is used to automatically scan files during CTF.☆13May 31, 2023Updated 2 years ago
- ☆123Dec 6, 2023Updated 2 years ago
- Auto-Recon script that will help you in the Burp Suite Certified Practitioner Examor with any web-security lab.☆52Jul 8, 2024Updated last year
- ☆13Jun 27, 2023Updated 2 years ago
- Check robustness of your (their) Active Directory accounts passwords☆45Mar 5, 2025Updated 11 months ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆772Dec 9, 2025Updated 2 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆223Feb 6, 2025Updated last year
- A simple pickle assembler to make handcrafting pickle bytecode easier.☆15Apr 16, 2021Updated 4 years ago
- medor is an OSINT tool that enables you to discover a WordPress website IP behind a WAF or behind Onion Services.☆18Jul 6, 2024Updated last year
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆236Oct 8, 2024Updated last year
- CTFd plugin allowing for individual Docker containers per team☆22Jan 15, 2026Updated last month
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Dec 24, 2023Updated 2 years ago
- This has all of my resources advised in my youtube channel for the TMUA exam☆20Jan 7, 2025Updated last year
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆111Jun 23, 2025Updated 8 months ago
- A python script to dump all the challenges locally of a CTFd-based Capture the Flag.☆166Nov 18, 2024Updated last year
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆24Nov 26, 2024Updated last year
- ☆31Jan 31, 2026Updated last month
- ☆68Nov 5, 2021Updated 4 years ago
- Discord CTF helper bot☆66Jan 20, 2026Updated last month
- PP-finder Help you find gadget for prototype pollution exploitation☆189Aug 8, 2024Updated last year
- Enemies Of Symfony - Debug mode Symfony looter☆346Oct 18, 2024Updated last year
- ☆32Jun 13, 2023Updated 2 years ago
- The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.☆27Mar 9, 2024Updated last year
- CTFd plugin allowing for individual Docker containers per team☆26Jun 27, 2022Updated 3 years ago
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆67Oct 13, 2024Updated last year
- Lsass dumper evading (all ?) EDR detection☆49Nov 10, 2025Updated 3 months ago
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.☆36May 14, 2022Updated 3 years ago
- CVE-2024-28955 Exploitation PoC☆34Jul 1, 2024Updated last year
- CTFd plugin allowing for individual Docker containers per user or team☆10Oct 14, 2024Updated last year
- ☆93Dec 4, 2025Updated 2 months ago
- A web based OSINT ressource and tool☆184Apr 6, 2025Updated 10 months ago
- F5 BIG-IP RCE exploitation (CVE-2022-1388)☆87May 16, 2022Updated 3 years ago
- Predict Mongo ObjectIds☆150May 2, 2018Updated 7 years ago
- ☆43Mar 13, 2023Updated 2 years ago
- ☆11Oct 31, 2023Updated 2 years ago