WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)
☆66Jun 27, 2025Updated 11 months ago
Alternatives and similar repositories for wconsole_extractor
Users that are interested in wconsole_extractor are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This tool allows to automatically test for Content Security Policy bypass payloads.☆45Sep 4, 2024Updated last year
- dead-simple blog template powered by Markdown and PHP☆10May 6, 2025Updated last year
- ☆13Jun 27, 2023Updated 2 years ago
- CVE-2024-34102: Unauthenticated Magento XXE☆14Jan 12, 2025Updated last year
- Auto-Recon script that will help you in the Burp Suite Certified Practitioner Examor with any web-security lab.☆57Jul 8, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆149Dec 9, 2024Updated last year
- Generates a DEBUG PIN for flask applications based on Werkzeug☆20Nov 22, 2023Updated 2 years ago
- ☆11Jan 8, 2023Updated 3 years ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆145Dec 23, 2025Updated 5 months ago
- This website is used to automatically scan files during CTF.☆13May 31, 2023Updated 3 years ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆799Dec 9, 2025Updated 6 months ago
- ☆133Dec 6, 2023Updated 2 years ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆41Dec 24, 2023Updated 2 years ago
- ☆33Jan 31, 2026Updated 4 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- CTFd plugin allowing for individual Docker containers per team☆27Jan 15, 2026Updated 4 months ago
- Check robustness of your (their) Active Directory accounts passwords☆45Mar 13, 2026Updated 2 months ago
- angr-wrapper is a simple script to automatise and accelerate your basic use of angr (to solve CTF challenges for example)☆14Dec 18, 2021Updated 4 years ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆234Feb 6, 2025Updated last year
- The Linux x86/x86-64 last chance debugging tool☆48Nov 7, 2022Updated 3 years ago
- medor is an OSINT tool that enables you to discover a WordPress website IP behind a WAF or behind Onion Services.☆19Jul 6, 2024Updated last year
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆36Sep 23, 2022Updated 3 years ago
- Attacking indiscriminately every header, cookie, GET and POST parameter with blind fury.☆13Sep 25, 2025Updated 8 months ago
- This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) an…☆143Feb 4, 2026Updated 4 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A simple pickle assembler to make handcrafting pickle bytecode easier.☆15Apr 16, 2021Updated 5 years ago
- Generate email permutations from a name and verify if this email exist with different providers (gmail, duckduckgo, yahoo, yandex)☆42Feb 25, 2025Updated last year
- A python module to explore the object tree to extract paths to interesting objects in memory.☆103Jan 31, 2025Updated last year
- ☆17Apr 27, 2023Updated 3 years ago
- Demonstrating how you can take an action to your intrusions detected by Falco using OpenFaaS functions☆26Mar 24, 2021Updated 5 years ago
- A PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE)☆10Jul 12, 2024Updated last year
- A python script to dump all the challenges locally of a CTFd-based Capture the Flag.☆172Apr 3, 2026Updated 2 months ago
- Easily create and share Proof of Concepts in HTML, JavaScript, etc. with custom headers, all via query parameters☆15Jun 1, 2026Updated last week
- Complex multiplication based factorization☆41Feb 21, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆113Jun 23, 2025Updated 11 months ago
- CVE-2022-30780 - lighttpd remote denial of service☆17Mar 16, 2024Updated 2 years ago
- apkfram was written in order to help any mobile penetration testers to identify the Framework used to develop the Android application.☆12Oct 9, 2024Updated last year
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆68Oct 13, 2024Updated last year
- A cross-platform tool to find traces of old SIDs remaining in LDAP objects of the Active Directory☆25Jun 29, 2025Updated 11 months ago
- CVE-2024-28955 Exploitation PoC☆35Jul 1, 2024Updated last year