SecarmaLabs / HttpPwnlyLinks
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆16Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below
Sorting:
- Subdomain brute force focused on speed and data serialization☆75Updated 2 years ago
- Automated enumeration☆30Updated 4 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 8 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 8 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Updated 8 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 8 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Updated 8 years ago
- A dumb script for finding dumb coding errors in WordPress plugins☆54Updated 3 years ago
- A modified version of Mike Czumak's enumeration scanner☆19Updated 6 years ago
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26Updated 9 years ago
- Web shells for use in penetration testing☆39Updated 10 years ago
- Script to automate, manage, and multithread Nikto scans.☆60Updated 5 years ago
- ☆26Updated 8 years ago
- Babel Scripting Framework☆43Updated 4 years ago
- [L]ocal [A]uto [R]oot [E]xploiter is a simple bash script that helps you deploy local root exploits from your attacking machine when your…☆67Updated 8 years ago
- Post-exploitation scripts for OS X persistence and privesc☆72Updated 8 years ago
- Pentesting Tools☆22Updated 3 years ago
- The Unofficial Burp Extension for DNSDumpster.com☆70Updated 7 years ago
- OSCP related stuff ^_^ - Try Harder!☆9Updated 6 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- ☆47Updated 9 years ago
- A scripted library of hacking techniques.☆18Updated 7 years ago
- A tool to catch spoofed NBNS responses.☆50Updated 7 years ago
- Hashmash is a tool to aid in generating hashes from user supplied values and Epochs☆63Updated 8 years ago
- Scripts for Deploying new server☆48Updated 2 months ago
- The initial conversation slides and menu of scenarios☆38Updated 4 years ago
- Automatically exported from code.google.com/p/unix-security-file-parser☆34Updated 9 years ago
- A collection of useful scripts for penetration testers☆83Updated 12 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 6 years ago