SecarmaLabs / psychoPATH
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆141Updated 7 years ago
Related projects: ⓘ
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆225Updated 6 years ago
- Fuzzbunch Python-Wine wrapper☆57Updated 7 years ago
- Public repository for improvements to the EXTRABACON exploit☆158Updated 7 years ago
- ☆138Updated 7 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆135Updated 6 years ago
- Image size issues plugin for Burp Suite☆92Updated 6 years ago
- ☆87Updated 3 months ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆270Updated 3 years ago
- CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.☆173Updated 7 years ago
- ☆201Updated this week
- Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.☆354Updated last year
- Fast subdomains enumeration tool for penetration testers☆117Updated 5 years ago
- Collection of metasploit modules☆65Updated 7 years ago
- Shodan HQ nmap plugin - passively scan targets☆150Updated 8 years ago
- ☆259Updated this week
- Neet - Network Enumeration and Exploitation Tool☆167Updated 7 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆162Updated last year
- burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…☆156Updated 5 years ago
- Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.☆205Updated 8 years ago
- Improved decoder for Burp Suite☆134Updated 3 years ago
- The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, …☆121Updated 5 years ago
- ☆115Updated this week
- ☆138Updated this week
- DefCon24☆119Updated 8 years ago
- ☆139Updated this week
- Working Python test and PoC for CVE-2018-11776, includes Docker lab☆126Updated 6 years ago
- Extract Sense out of Gibberish stuff☆82Updated 7 years ago
- ☆227Updated 8 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆382Updated 3 years ago