Tris0n / CVE-2023-32571-POC
β7Updated 11 months ago
Related projects β
Alternatives and complementary repositories for CVE-2023-32571-POC
- π Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)β19Updated last year
- crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names froβ¦β18Updated 4 months ago
- β18Updated 6 months ago
- A websocket-based reverse (javascript) shell for XSS attacks.β29Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β13Updated 2 years ago
- Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.β48Updated last year
- Make better use of the embedded browser that comes by default with Burpβ39Updated 10 months ago
- π WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.β26Updated last year
- Web cache poisoning vulnerability scanner.β61Updated 2 years ago
- Easily gather all routes related to a NextJs application through parsing of _buildManifest.jsβ52Updated last year
- Some tips for Bug Bounty using LibreOfficeβ32Updated 3 months ago
- Tool to start a python http server in a simple wayβ10Updated 2 years ago
- β24Updated 2 years ago
- β13Updated last month
- β43Updated last year
- A better way of querying certificate transparency logsβ76Updated last year
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.β37Updated 2 years ago
- β13Updated last year
- ASNPepper - Recon in ASN - Extracting CIDR's - Fast and efficient scanningβ15Updated last week
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.β68Updated 10 months ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.β34Updated last year
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.β28Updated 2 years ago
- γπ₯γCVE-2022-33891 - Apache Spark Command Injectionβ27Updated 2 years ago
- PoC for the CVE-2021-4034 vulnerability, affecting polkit < 0.120.β25Updated 2 years ago
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)β35Updated last year
- https://github.com/ManhNho/AWAE-OSWEβ11Updated 4 years ago
- β43Updated last year
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HEβ52Updated 2 weeks ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.β35Updated 2 years ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"β23Updated 6 years ago