Ruulian / wconsole_extractorLinks
WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)
☆54Updated 9 months ago
Alternatives and similar repositories for wconsole_extractor
Users that are interested in wconsole_extractor are comparing it to the libraries listed below
Sorting:
- Auto-Recon script that will help you in the Burp Suite Certified Practitioner Examor with any web-security lab.☆47Updated 11 months ago
- Some tips for Bug Bounty using LibreOffice☆46Updated 3 months ago
- This tool allows to automatically test for Content Security Policy bypass payloads.☆44Updated 9 months ago
- A python module to explore the object tree to extract paths to interesting objects in memory.☆97Updated 4 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆54Updated 3 weeks ago
- By using its cutting edge technology (lolnope), you can now have a persistent multi reverse pty handler!☆90Updated 2 months ago
- SkillArch☆27Updated this week
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆148Updated 4 months ago
- PP-finder Help you find gadget for prototype pollution exploitation☆164Updated 10 months ago
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆64Updated 8 months ago
- Offensive Web is a documentation website about security research, difficult concepts, bypass and new exploitation techniques.☆26Updated last month
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆141Updated 6 months ago
- ☆86Updated 2 months ago
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆89Updated last month
- A python script to dump all the challenges locally of a CTFd-based Capture the Flag.☆147Updated 7 months ago
- POC for CVE-2021-41091☆65Updated 2 years ago
- ☆23Updated 3 years ago
- Interact with Hackthebox using your terminal - Be faster and more competitive !☆125Updated 2 months ago
- Styx is an cross-platform GUI interface for HackTheBox made in GoLang☆24Updated 10 months ago
- HTTP redirection service designed to help bypass SSRF filters. Integrated with Burp Suite.☆38Updated 2 months ago
- ☆26Updated last month
- ☆95Updated 2 months ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆68Updated 2 years ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Updated last year
- ☆42Updated 8 months ago
- A python based minimal DNS server to test/verify DNS rebinding attacks☆48Updated 2 years ago
- Memory mapping profiles for forensic analysis using volatility 2☆47Updated 2 years ago
- Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…☆57Updated 2 years ago
- A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.☆73Updated last year
- A generic sysreptor template to write on-premise related Altered Security's certifications reports of compromission.☆15Updated 5 months ago