SecarmaLabs / HttpPwnlyLinks
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆14Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below
Sorting:
- Automated enumeration☆30Updated 4 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆42Updated 8 years ago
- Subdomain brute force focused on speed and data serialization☆75Updated 3 years ago
- This is an automated tool collection written in Python for vulnerability assessment and exploitation. It also includes solution of SPSE -…☆21Updated 8 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 9 years ago
- Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.☆46Updated 11 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Updated 8 years ago
- Scripts for Deploying new server☆49Updated 8 months ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 5 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 8 years ago
- WhiteBox CMS analysis☆68Updated 2 years ago
- A scripted library of hacking techniques.☆18Updated 7 years ago
- automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.☆72Updated 6 years ago
- A Pythonic wrapper to MassDNS☆24Updated 7 years ago
- [L]ocal [A]uto [R]oot [E]xploiter is a simple bash script that helps you deploy local root exploits from your attacking machine when your…☆67Updated 8 years ago
- ☆23Updated 8 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 8 years ago
- Highlight Burp proxy requests made by different browsers☆29Updated 8 years ago
- CSV injection Vulnerable Script.☆29Updated 8 years ago
- Post-exploitation scripts for OS X persistence and privesc☆73Updated 8 years ago
- Babel Scripting Framework☆43Updated 5 years ago
- Plaintext Password harvesting from Azure Windows VMs☆68Updated 7 years ago
- Hacking challenges☆31Updated 8 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Updated 8 years ago
- Payload generator that uses Metasploit and Veil. Takes IP address as input and calls Veil. Use msfvenom to create payloads and writes res…☆44Updated 6 years ago
- ☆55Updated 8 years ago
- Generic Command Exploitation Engine for exploiting web application command-injection bugs,.☆31Updated 12 years ago
- A collection of scripts that I've written while pentesting.☆31Updated 7 years ago
- Tools used for Penetration testing / Red Teaming☆66Updated 7 years ago
- The initial conversation slides and menu of scenarios☆38Updated 4 years ago