SecarmaLabs / HttpPwnly
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆16Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for HttpPwnly
- ☆21Updated 7 years ago
- A modified version of Mike Czumak's enumeration scanner☆19Updated 6 years ago
- Script to automate, manage, and multithread Nikto scans.☆58Updated 4 years ago
- ☆26Updated 8 years ago
- ☆12Updated 7 years ago
- A passive online scanner from OWTF☆15Updated 4 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 8 years ago
- Fingerprint a web app using local files as the fingerprint sources☆36Updated 7 years ago
- A collection of scripts that I've written while pentesting.☆31Updated 6 years ago
- A Custom Scanner for Burp☆30Updated 10 years ago
- Issues to consider when planning a red team exercise.☆14Updated 7 years ago
- A vulnerability reporting database to help pentesters write consistent, easy reports.☆9Updated 8 years ago
- A scripted library of hacking techniques.☆18Updated 6 years ago
- Pentesting Tools☆21Updated 2 years ago
- BurpJDSer-ng☆26Updated this week
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 7 years ago
- Random collection of exploit code, tools, scripts, etc.☆25Updated 9 years ago
- Tinkering with bits and bytes☆11Updated 8 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 6 years ago
- Web Application Security related tools. Includes backdoors, proof of concepts and tricks☆36Updated 10 years ago
- Generic Command Exploitation Engine for exploiting web application command-injection bugs,.☆31Updated 11 years ago