SpiderLabs / deface
A Java Server Faces (JSF) testing tool for decoding view state and creating view state attack vectors.
☆30Updated 14 years ago
Alternatives and similar repositories for deface:
Users that are interested in deface are comparing it to the libraries listed below
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆67Updated 10 months ago
- Vulnerable Node.js Web Application to pratice with your pentesting skills☆21Updated 7 years ago
- A suite of CLI tools I built to automate some of the tedious parts of exploit development (specifically, crafting Buffer Overflow Exploit…☆38Updated 9 years ago
- XXE OOB Exploitation Toolset for Automation☆63Updated 11 years ago
- Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.☆45Updated 4 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆58Updated 8 years ago
- Babel Scripting Framework☆42Updated 4 years ago
- Performs method enumeration and interrogation against flash remoting end points.☆37Updated 4 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- Web shells for PHP/ASP/ASP.NET using the least number of characters☆14Updated last year
- Payload generator that uses Metasploit and Veil. Takes IP address as input and calls Veil. Use msfvenom to create payloads and writes res…☆44Updated 5 years ago
- CSV injection Vulnerable Script.☆29Updated 7 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Updated 8 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆14Updated last year
- Stækka Metasploit - Extenting Metasploit☆54Updated 7 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 7 years ago
- Dumain Bruteforcer - a fast and flexible domain bruteforcer☆53Updated 6 years ago
- Generic Command Exploitation Engine for exploiting web application command-injection bugs,.☆31Updated 12 years ago
- SQL SERVER Exploitation.☆27Updated 8 years ago
- A simplified SMB Email Client Attack script used for pentests.☆30Updated 6 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Updated 6 years ago
- Collection of tools for privesc on Linux☆34Updated 11 years ago
- WhiteBox CMS analysis☆69Updated last year
- ☆47Updated 9 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB …☆22Updated 5 years ago
- A simple little Python script that uses Impacket to check if SMBv1 is enabled on a remote host☆16Updated 8 years ago
- Network based protocol fuzzer☆70Updated 3 years ago