lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
☆112Jun 23, 2025Updated 8 months ago
Alternatives and similar repositories for lightyear
Users that are interested in lightyear are comparing it to the libraries listed below
Sorting:
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆504Sep 30, 2024Updated last year
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆237Oct 8, 2024Updated last year
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆325Jun 2, 2024Updated last year
- stealth userland kit that doesn't use sys_clone/sys_execve call☆35Apr 10, 2025Updated 11 months ago
- A (small) web exploit framework☆97Dec 26, 2025Updated 2 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆137Dec 23, 2025Updated 2 months ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆142May 27, 2025Updated 9 months ago
- ☆35Feb 10, 2023Updated 3 years ago
- xortigate-cve-2023-27997☆65Oct 12, 2023Updated 2 years ago
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- ☆28Jul 9, 2024Updated last year
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆227Jul 24, 2025Updated 7 months ago
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆48Aug 31, 2025Updated 6 months ago
- A simple pickle assembler to make handcrafting pickle bytecode easier.☆15Apr 16, 2021Updated 4 years ago
- Proof of Concepts for unsafe deserialization in Ruby☆17Oct 17, 2024Updated last year
- ☆28Oct 18, 2022Updated 3 years ago
- This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities …☆26Apr 30, 2025Updated 10 months ago
- ☆11Dec 19, 2024Updated last year
- ☆26Mar 11, 2025Updated last year
- Exploits targeting Symfony☆214Sep 19, 2024Updated last year
- Web Server that serves a single file and keeps the connection open until user releases it.☆74Nov 27, 2013Updated 12 years ago
- ☆349Jan 24, 2023Updated 3 years ago
- ☆32Jun 13, 2023Updated 2 years ago
- HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy + Exploit Timing Attacks☆219Feb 18, 2026Updated last month
- Deserialization payload generator for a variety of .NET formatters☆177Dec 2, 2025Updated 3 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆92Mar 25, 2024Updated last year
- ☆24Dec 31, 2025Updated 2 months ago
- A python module to explore the object tree to extract paths to interesting objects in memory.☆101Jan 31, 2025Updated last year
- Offensive Web is a documentation website about web security research, bypass and new exploitation techniques.☆33Feb 14, 2026Updated last month
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆778Dec 9, 2025Updated 3 months ago
- Find all libraries on cdn.js that pollute your prototype☆19Sep 1, 2022Updated 3 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆651Feb 21, 2024Updated 2 years ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- CVE-2024-28995 POC Vulnerability Scanner☆13Jun 15, 2024Updated last year
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆69Feb 5, 2026Updated last month
- ☆40Aug 2, 2024Updated last year
- A fancier postMessage tracker with Chrome Manifest version V3 support and a few additional features, inspired by Frans Rosens postmessage…☆123Sep 12, 2025Updated 6 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆795Updated this week