SecarmaLabs / psychoPATH
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
☆141Updated 7 years ago
Alternatives and similar repositories for psychoPATH:
Users that are interested in psychoPATH are comparing it to the libraries listed below
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227Updated 6 years ago
- Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.☆356Updated 2 years ago
- The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, …☆121Updated 6 years ago
- Fuzzbunch Python-Wine wrapper☆57Updated 8 years ago
- CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.☆176Updated 7 years ago
- ☆138Updated 7 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆274Updated 4 years ago
- Neet - Network Enumeration and Exploitation Tool☆167Updated 8 years ago
- Collection of metasploit modules☆67Updated 8 years ago
- Extract Sense out of Gibberish stuff☆82Updated 7 years ago
- Image size issues plugin for Burp Suite☆94Updated 6 years ago
- Shodan HQ nmap plugin - passively scan targets☆153Updated 9 years ago
- Very crude and poorly written HTTP(s) and SMTP bin☆93Updated 4 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆383Updated 4 years ago
- ☆84Updated 8 years ago
- ☆90Updated 3 months ago
- An exploit for Apache Struts CVE-2017-9805☆250Updated 7 years ago
- Fast subdomains enumeration tool for penetration testers☆117Updated 6 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆135Updated 7 years ago
- DefCon24☆121Updated 8 years ago
- Improved decoder for Burp Suite☆138Updated 3 years ago
- Various Scripts for Mobile Pen-testing with Frida☆76Updated 8 years ago
- Next Generation Firewall Audit and Bypass Tool☆264Updated 8 years ago
- Tool for checking Whether a domain or its multiple sub-domains are up and running.☆72Updated 6 years ago
- Automate NMAP Scans and Generate Custom Nessus Policies Automatically☆147Updated 8 years ago
- Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File☆160Updated 8 years ago
- HTTPoxy Exploit Scanner by 1N3 @CrowdShield☆103Updated 7 years ago
- A JBoss script for obtaining remote shell access☆172Updated 4 years ago
- LNHG - Mass Web Fingerprinter☆61Updated 9 years ago
- This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…☆159Updated 3 years ago