"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
☆14Mar 4, 2017Updated 8 years ago
Alternatives and similar repositories for HttpPwnly
Users that are interested in HttpPwnly are comparing it to the libraries listed below
Sorting:
- A passive online scanner from OWTF☆16Feb 16, 2026Updated last week
- Create machine images containing the Nessus vulnerability scanner☆13Feb 18, 2026Updated last week
- Flash crossdomain policy security checker☆26Oct 3, 2015Updated 10 years ago
- PoC for an adaptive parallelised DNS prober☆44Oct 4, 2017Updated 8 years ago
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆49Jul 15, 2019Updated 6 years ago
- Create one or more monitor-mode virtual wireless interfaces with unique mac addresses.☆12Dec 14, 2018Updated 7 years ago
- Vulnerable Windows Driver with exploits which were used for demonstration purposes on Hunting and exploiting bugs in kernel drivers prese…☆13Jan 29, 2013Updated 13 years ago
- ZeroDay Cyber Research - ZCR Shellcoder Archive - z3r0d4y.com Shellcode Generator☆13Jul 29, 2016Updated 9 years ago
- ☆13Aug 18, 2016Updated 9 years ago
- My presentations from different conferences☆15Sep 12, 2018Updated 7 years ago
- Password spraying script and helper for creating password lists☆34Sep 4, 2020Updated 5 years ago
- A QEMU based framework for instrumenting x86 programs from Python☆17Oct 5, 2020Updated 5 years ago
- Generates several metasploit payloads☆15Apr 13, 2018Updated 7 years ago
- js-beautifier extension for Burp Suite☆30Jun 24, 2013Updated 12 years ago
- A lightweight CSRF Toolkit for easy Proof of concept☆172Jun 11, 2014Updated 11 years ago
- ☆20Jul 25, 2019Updated 6 years ago
- Puma Prey contains vulnerable .NET target applications to test the Puma Scan rules against. This project contains Web Forms, MVC5, and Co…☆21Aug 26, 2025Updated 6 months ago
- A sub-domain enumeration tool☆20May 18, 2020Updated 5 years ago
- notes 2016-present☆48Jun 28, 2020Updated 5 years ago
- CTF Writeups☆16Jul 18, 2017Updated 8 years ago
- CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.☆193Jun 25, 2015Updated 10 years ago
- CVE-2017-8570 Exploit☆21Aug 14, 2017Updated 8 years ago
- ZAP Admin☆31Feb 19, 2026Updated last week
- ☆31Jun 30, 2013Updated 12 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what …☆26Jul 18, 2019Updated 6 years ago
- Security conferences talks☆25Jul 10, 2020Updated 5 years ago
- A simple shell script which utilizes nmap, nikto, dirb, enum4linux and other open source goodies to automate enumeration process.☆19Jan 13, 2022Updated 4 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141May 25, 2017Updated 8 years ago
- A scoreboard for Security CTF events☆37Dec 11, 2012Updated 13 years ago
- Web Filter External Enumeration Tool (WebFEET)☆78Aug 24, 2014Updated 11 years ago
- ☆24Feb 2, 2026Updated 3 weeks ago
- Nashorn Post Exploitation☆32Feb 12, 2018Updated 8 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and s…☆63Sep 2, 2020Updated 5 years ago
- A dumb script for finding dumb coding errors in WordPress plugins☆53Jun 15, 2022Updated 3 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29May 5, 2018Updated 7 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Apr 3, 2017Updated 8 years ago
- ☆31Aug 23, 2020Updated 5 years ago