SecarmaLabs / HttpPwnlyLinks
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆16Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below
Sorting:
- Automated enumeration☆30Updated 4 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 8 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- CSV injection Vulnerable Script.☆29Updated 8 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Updated 8 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 9 years ago
- Post-exploitation scripts for OS X persistence and privesc☆72Updated 8 years ago
- OAuth plugin for Burp Suite Extender☆42Updated 7 years ago
- Web Application Security related tools. Includes backdoors, proof of concepts and tricks☆37Updated 10 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 7 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 8 years ago
- BurpJDSer-ng☆29Updated last week
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26Updated 9 years ago
- A tool to catch spoofed NBNS responses.☆50Updated 7 years ago
- Web shells for use in penetration testing☆40Updated 10 years ago
- SharePoint scanner and fingerprinter based on WPScan☆25Updated 11 years ago
- Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe☆14Updated 9 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Updated 8 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Updated 8 years ago
- The initial conversation slides and menu of scenarios☆38Updated 4 years ago
- WhiteBox CMS analysis☆69Updated 2 years ago
- A simplified SMB Email Client Attack script used for pentests.☆30Updated 6 years ago
- Pentesting Tools☆22Updated 2 weeks ago
- A scripted library of hacking techniques.☆18Updated 7 years ago
- Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.☆46Updated 10 years ago
- Runs Responder, uploads hashes for cracking, alerts when cracked☆37Updated 9 years ago
- Subdomain brute force focused on speed and data serialization☆75Updated 2 years ago
- Issues to consider when planning a red team exercise.☆15Updated 8 years ago
- Script to automate, manage, and multithread Nikto scans.☆61Updated 5 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 12 years ago