SecarmaLabs / HttpPwnlyLinks
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆14Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below
Sorting:
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 8 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 9 years ago
- Post-exploitation scripts for OS X persistence and privesc☆73Updated 8 years ago
- Subdomain brute force focused on speed and data serialization☆75Updated 3 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 5 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Updated 8 years ago
- WhiteBox CMS analysis☆69Updated 2 years ago
- A scripted library of hacking techniques.☆18Updated 7 years ago
- automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.☆72Updated 6 years ago
- A simplified SMB Email Client Attack script used for pentests.☆29Updated 7 years ago
- Automated enumeration☆30Updated 4 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 8 years ago
- Tools used for Penetration testing / Red Teaming☆66Updated 7 years ago
- IRC bot for cracking hashes☆18Updated 4 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 12 years ago
- Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]☆97Updated 12 years ago
- Exploit insecure crossdomain.xml files.☆26Updated 8 years ago
- SharePoint scanner and fingerprinter based on WPScan☆25Updated 12 years ago
- The Unofficial Burp Extension for DNSDumpster.com☆70Updated 7 years ago
- Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.☆46Updated 11 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Updated 9 years ago
- Weape-Wireless-EAP-Extractor☆29Updated 12 years ago
- This is an automated tool collection written in Python for vulnerability assessment and exploitation. It also includes solution of SPSE -…☆21Updated 8 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 9 years ago
- OAuth plugin for Burp Suite Extender☆43Updated 7 years ago
- A collection of useful scripts for penetration testers☆83Updated 13 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Updated 8 years ago
- Highlight Burp proxy requests made by different browsers☆29Updated 8 years ago
- A tool to catch spoofed NBNS responses.☆51Updated 7 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆42Updated 8 years ago