ambionics / lightyearLinks
lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
☆105Updated 4 months ago
Alternatives and similar repositories for lightyear
Users that are interested in lightyear are comparing it to the libraries listed below
Sorting:
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆90Updated last year
- Utility for creating ZipSlip archives☆79Updated 2 years ago
- A (small) web exploit framework☆96Updated last month
- ☆23Updated 7 months ago
- CVE-2023-33733 reportlab RCE☆118Updated 2 years ago
- jws2pubkey tool☆40Updated 3 months ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Repository to store exploits created by Assetnotes Security Research team☆180Updated last year
- Deserialization payload generator for a variety of .NET formatters☆131Updated 2 months ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆140Updated 5 years ago
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆113Updated last year
- oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning☆72Updated 10 months ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆54Updated 3 weeks ago
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆228Updated last year
- ☆169Updated 4 years ago
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆133Updated last year
- Same Origin XSS challenge☆64Updated 3 years ago
- ☆89Updated last year
- ☆27Updated 3 years ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆19Updated last year
- LFI to RCE via phpinfo() assistance or via controlled log file☆72Updated 2 years ago
- A python script to merge multiple jar files for easier debugging via JD-Eclipse☆62Updated 2 years ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆52Updated last year
- ☆85Updated 3 months ago
- ☆39Updated 2 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆29Updated last year
- ☆41Updated 4 months ago
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆17Updated last year
- jolokia-exploitation-toolkit☆298Updated 10 months ago