Ruulian / wconsole_extractorLinks
WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)
☆58Updated 3 months ago
Alternatives and similar repositories for wconsole_extractor
Users that are interested in wconsole_extractor are comparing it to the libraries listed below
Sorting:
- Some tips for Bug Bounty using LibreOffice☆51Updated 7 months ago
- Auto-Recon script that will help you in the Burp Suite Certified Practitioner Examor with any web-security lab.☆47Updated last year
- This tool allows to automatically test for Content Security Policy bypass payloads.☆44Updated last year
- A python module to explore the object tree to extract paths to interesting objects in memory.☆102Updated 8 months ago
- PP-finder Help you find gadget for prototype pollution exploitation☆178Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆148Updated 9 months ago
- This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) an…☆98Updated 3 weeks ago
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆99Updated 2 months ago
- Enumerate / Dump Docker Registry☆181Updated last year
- By using its cutting edge technology (lolnope), you can now have a persistent multi reverse pty handler!☆94Updated 6 months ago
- A python script to dump all the challenges locally of a CTFd-based Capture the Flag.☆154Updated 10 months ago
- POC for CVE-2021-41091☆65Updated 2 years ago
- Interact with Hackthebox using your terminal - Be faster and more competitive !☆132Updated last week
- his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulne…☆163Updated 6 months ago
- Official writeups for Business CTF 2024: The Vault Of Hope☆156Updated 10 months ago
- ☆90Updated 2 months ago
- Offensive Web is a documentation website about security research, difficult concepts, bypass and new exploitation techniques.☆28Updated 5 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆102Updated 3 months ago
- SkillArch☆37Updated 2 weeks ago
- Easily create and share Proof of Concepts in HTML, JavaScript, etc. with custom headers, all via query parameters☆14Updated 7 months ago
- Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…☆61Updated 2 years ago
- XXE techniques☆12Updated 3 years ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆71Updated 2 years ago
- A complete table of results of types comparison in multiple languages☆35Updated 3 years ago
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆155Updated 7 months ago
- Fast exfiltration of text using only CSS and Ligatures☆65Updated last month
- ☆118Updated last year
- Phar + JPG Polyglot generator and playground (CTF CODE)☆94Updated 6 years ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆150Updated last year
- CeWLeR - Custom Word List generator Redefined. CeWL alternative in Python, based on the Scrapy framework.☆126Updated this week