ambionics / lightyearLinks
lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
☆101Updated 2 months ago
Alternatives and similar repositories for lightyear
Users that are interested in lightyear are comparing it to the libraries listed below
Sorting:
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year
- A (small) web exploit framework☆93Updated 2 weeks ago
- Utility for creating ZipSlip archives☆74Updated 2 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- CVE-2023-33733 reportlab RCE☆119Updated last year
- ☆167Updated 3 years ago
- ☆22Updated 5 months ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆51Updated 3 months ago
- Same Origin XSS challenge☆61Updated 3 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆133Updated 5 years ago
- Repository to store exploits created by Assetnotes Security Research team☆182Updated last year
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆17Updated 11 months ago
- jws2pubkey tool☆40Updated last month
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆225Updated 10 months ago
- A python script to merge multiple jar files for easier debugging via JD-Eclipse☆61Updated 2 years ago
- PP-finder Help you find gadget for prototype pollution exploitation☆172Updated last year
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆113Updated last year
- LFI to RCE via phpinfo() assistance or via controlled log file☆70Updated 2 years ago
- jolokia-exploitation-toolkit☆299Updated 8 months ago
- ☆27Updated 2 years ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆98Updated last year
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆133Updated last year
- ☆82Updated last month
- Awesome MXSS ??☆52Updated 10 months ago
- oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning☆70Updated 8 months ago
- ☆38Updated 2 months ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆18Updated last year
- PHP binary bugs advisory☆180Updated 3 years ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆70Updated last year