Alternatives and similar repositories for NodeJS-Red-Team-Cheat-Sheet

Users that are interested in NodeJS-Red-Team-Cheat-Sheet are comparing it to the libraries listed below

• pimps / ysoserial-modified
  That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
  ☆183Updated 3 years ago
• 0xtz / Enum_For_All
  ☆165Updated 5 years ago
• 21y4d / blindSQLi
  A python based blind SQL injection exploitation script
  ☆140Updated 5 years ago
• Ebryx / GitDump
  A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
  ☆227Updated 3 years ago
• rayhan0x01 / nodejs-websocket-sqli
  A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection
  ☆70Updated 4 years ago
• deletehead / awae_oswe_prep
  Stuff done in preparation for AWAE course and OSWE certification
  ☆152Updated 5 years ago
• convisolabs / CVE-2021-22204-exiftool
  Python exploit for the CVE-2021-22204 vulnerability in Exiftool
  ☆94Updated 4 years ago
• jbarone / xxelab
  A simple web app with a XXE vulnerability.
  ☆229Updated 3 years ago
• chanpu9 / OSWE
  Preparation for OSWE
  ☆45Updated 5 years ago
• srini0x00 / dvta
  Damn Vulnerable Thick Client App developed in C# .NET
  ☆163Updated 2 years ago
• an0nlk / Nosql-MongoDB-injection-username-password-enumeration
  Using this script, you can enumerate Usernames and passwords of Nosql(mongodb) injecion vulnerable web applications.
  ☆172Updated 5 years ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆124Updated 2 years ago
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.
  ☆273Updated 9 months ago
• s0j0hn / AWAE-OSWE-Prep
  ☆132Updated 4 years ago
• PortSwigger / portable-data-exfiltration
  This repo contains all the injections mentioned in my talk and enumerators.
  ☆130Updated last year
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆262Updated 3 years ago
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆322Updated 3 years ago
• bao7uo / dp_crypto
  Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)
  ☆178Updated 4 years ago
• kunte0 / phar-jpg-polyglot
  Phar + JPG Polyglot generator and playground (CTF CODE)
  ☆94Updated 6 years ago
• six2dez / burp-bounty-profiles
  Burp Bounty profiles compilation, feel free to contribute!
  ☆148Updated 4 years ago
• teambi0s / dfunc-bypasser
  This tool is for letting you know how strong your disable_functions is and how you can bypass that.
  ☆140Updated 6 years ago
• noraj / Umbraco-RCE
  Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
  ☆75Updated 4 years ago
• GoSecure / template-injection-workshop
  Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
  ☆128Updated 2 years ago
• kaimi-io / web-fuzz-wordlists
  Common Web Managers Fuzz Wordlists
  ☆175Updated 2 months ago
• M507 / AWAE-Preparation
  This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.
  ☆240Updated 6 years ago
• emadshanab / LFI-Payload-List
  LFI Payloads List coolected from github repos
  ☆85Updated 5 years ago
• noperator / CVE-2019-18935
  RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
  ☆361Updated 3 years ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆640Updated last year
• mpgn / CVE-2019-7609
  RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
  ☆56Updated 5 years ago