ambionics / lightyear
lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
☆59Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for lightyear
- Utility for creating ZipSlip archives☆67Updated last year
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆52Updated 5 months ago
- Same Origin XSS challenge☆56Updated 2 years ago
- Gopher Tomcat Deployer☆47Updated 6 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆86Updated 7 months ago
- ZDI presentations, publications, whitepapers etc☆44Updated last year
- xortigate-cve-2023-27997☆62Updated last year
- A (small) web exploit framework☆79Updated last month
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated 10 months ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- tetctf2020_amf_writeups☆23Updated 3 years ago
- Finding Java gadget chains with CodeQL☆159Updated 3 months ago
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆15Updated 2 months ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆33Updated 7 months ago
- ☆13Updated 2 months ago
- Awesome MXSS ??☆45Updated last month
- Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit☆73Updated last month
- A python script to merge multiple jar files for easier debugging via JD-Eclipse☆61Updated last year
- ☆158Updated 3 years ago
- This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …☆35Updated this week
- ☆24Updated 5 months ago
- Some tips for Bug Bounty using LibreOffice☆33Updated 4 months ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆59Updated last year
- Fake MySQL Server that attempts to steal files from clients.☆19Updated 4 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆25Updated 9 months ago
- Apt style exploitation of Chrome 0day CVE-2023-4357☆43Updated last year
- ☆45Updated 2 years ago
- VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)☆96Updated last year