aadityapurani / NodeJS-Red-Team-Cheat-SheetView external linksLinks
NodeJS Red-Team Cheat Sheet
☆225Jul 28, 2019Updated 6 years ago
Alternatives and similar repositories for NodeJS-Red-Team-Cheat-Sheet
Users that are interested in NodeJS-Red-Team-Cheat-Sheet are comparing it to the libraries listed below
Sorting:
- A repo for holding cheat sheets for myself that cover various penetration testing tools and commands.☆41May 21, 2018Updated 7 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- crypto args for golang☆17Feb 14, 2022Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆946Dec 31, 2021Updated 4 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆325Mar 27, 2024Updated last year
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Spring Boot Actuator (jolokia) XXE/RCE☆324Jun 16, 2020Updated 5 years ago
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Feb 8, 2023Updated 3 years ago
- Prototype Pollution and useful Script Gadgets☆1,581Jan 27, 2024Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆645Feb 21, 2024Updated last year
- Content-Type Research☆657Jun 29, 2025Updated 7 months ago
- Disposable and resilient red team infrastructure with Terraform☆278Feb 1, 2019Updated 7 years ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- burp插件开发笔记☆11Dec 26, 2021Updated 4 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- ��☆18Aug 15, 2021Updated 4 years ago
- Repository of resources for configuring a Red Team SIEM using Elastic☆101Jul 10, 2018Updated 7 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,484Oct 12, 2024Updated last year
- Notes about attacking Jenkins servers☆2,090Jul 10, 2024Updated last year
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- Shellcode launcher for AV bypass☆215Dec 23, 2023Updated 2 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 6 years ago
- Python script to execute commands via Erlang/OTP Distribution Protocol☆15Feb 6, 2024Updated 2 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP S…☆937Sep 2, 2025Updated 5 months ago
- ZipCreater主要应用于跨目录的文件上传漏洞的利用,它能够快速进行压缩包生成。☆187Apr 6, 2022Updated 3 years ago
- jolokia-exploitation-toolkit☆310Dec 19, 2024Updated last year
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆390Aug 15, 2024Updated last year
- a patched sshd for red team activities☆84Aug 8, 2021Updated 4 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,479Sep 4, 2025Updated 5 months ago
- SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications☆1,048Nov 26, 2023Updated 2 years ago
- Modular C2 framework aiming to ease post exploitation for red teamers.☆193May 22, 2022Updated 3 years ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,347May 1, 2025Updated 9 months ago
- ☆477Nov 20, 2022Updated 3 years ago
- Run Rubeus via Rundll32☆208Apr 25, 2020Updated 5 years ago
- A DNS Bruteforcing Wordlist Generator☆361Feb 22, 2023Updated 2 years ago
- CSS injection vulnerability in Swagger UI☆35Oct 22, 2019Updated 6 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆190Aug 8, 2024Updated last year