ambionics/lightyear

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ambionics/lightyear)

ambionics / lightyear

lightyear is a tool to dump files in tedious (blind) conditions using PHP filters

☆111

Alternatives and similar repositories for lightyear

Users that are interested in lightyear are comparing it to the libraries listed below

Sorting:

ambionics / cnext-exploits
View on GitHub
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
☆505Sep 30, 2024Updated last year
ambionics / wrapwrap
View on GitHub
Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.
☆236Oct 8, 2024Updated last year
synacktiv / php_filter_chains_oracle_exploit
View on GitHub
A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.
☆326Jun 2, 2024Updated last year
nodyhub / zipslipper
View on GitHub
Create tar/zip archives that try to exploit zipslip vulnerability.
☆48Sep 20, 2024Updated last year
synacktiv / laravel-crypto-killer
View on GitHub
A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.
☆135Dec 23, 2025Updated 2 months ago
google / acjs
View on GitHub
☆11Dec 19, 2024Updated last year
cfreal / ten
View on GitHub
A (small) web exploit framework
☆97Dec 26, 2025Updated 2 months ago
tenable / hidden-services-revealer
View on GitHub
☆40Aug 2, 2024Updated last year
irsdl / ysonet
View on GitHub
Deserialization payload generator for a variety of .NET formatters
☆178Dec 2, 2025Updated 3 months ago
io-tl / degu-lib
View on GitHub
stealth userland kit that doesn't use sys_clone/sys_execve call
☆34Apr 10, 2025Updated 10 months ago
lexfo / xortigate-cve-2023-27997
View on GitHub
xortigate-cve-2023-27997
☆65Oct 12, 2023Updated 2 years ago
AethliosIK / reset-tolkien
View on GitHub
Unsecure time-based secret exploitation and Sandwich attack implementation Resources
☆149Dec 9, 2024Updated last year
p0dalirius / objectwalker
View on GitHub
A python module to explore the object tree to extract paths to interesting objects in memory.
☆102Jan 31, 2025Updated last year
gousaiyang / pickleassem
View on GitHub
A simple pickle assembler to make handcrafting pickle bytecode easier.
☆15Apr 16, 2021Updated 4 years ago
GitHubSecurityLab / ruby-unsafe-deserialization
View on GitHub
Proof of Concepts for unsafe deserialization in Ruby
☆17Oct 17, 2024Updated last year
kevin-mizu / domloggerpp
View on GitHub
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
☆772Dec 9, 2025Updated 2 months ago
wupco / PHP_INCLUDE_TO_SHELL_CHAR_DICT
View on GitHub
☆349Jan 24, 2023Updated 3 years ago
shhnjk / cursed_types
View on GitHub
List of Trusted Types bypasses
☆102Apr 15, 2024Updated last year
pwntester / BlockingServer
View on GitHub
Web Server that serves a single file and keeps the connection open until user releases it.
☆73Nov 27, 2013Updated 12 years ago
jackfromeast / dom-clobbering-collection
View on GitHub
A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.
☆48Aug 31, 2025Updated 6 months ago
ambionics / symfony-exploits
View on GitHub
Exploits targeting Symfony
☆214Sep 19, 2024Updated last year
avlidienbrunn / archivealchemist
View on GitHub
Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
☆227Jul 24, 2025Updated 7 months ago
BishopFox / sj
View on GitHub
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
☆723Updated this week
m4p1e / php-exploit
View on GitHub
some fun php exploits
☆81Nov 12, 2024Updated last year
elttam / plormber
View on GitHub
☆26Jul 9, 2024Updated last year
nxenon / h2spacex
View on GitHub
HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks
☆218Feb 18, 2026Updated last week
bytehope / wwe
View on GitHub
☆25Mar 11, 2025Updated 11 months ago
narfindustries / http-garden
View on GitHub
Differential testing framework for HTTP implementations
☆927Jan 21, 2026Updated last month
BlackFan / client-side-prototype-pollution
View on GitHub
Prototype Pollution and useful Script Gadgets
☆1,584Jan 27, 2024Updated 2 years ago
BlackFan / BFScan
View on GitHub
Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used …
☆242Dec 9, 2025Updated 2 months ago
codewhitesec / HttpRemotingObjRefLeak
View on GitHub
Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
☆92Mar 25, 2024Updated last year
aszx87410 / cdnjs-prototype-pollution
View on GitHub
Find all libraries on cdn.js that pollute your prototype
☆19Sep 1, 2022Updated 3 years ago
Outpost24 / outpost24-cors-check
View on GitHub
Additional active scan checks for BURP
☆28Oct 3, 2024Updated last year
ambionics / scalpel
View on GitHub
Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
☆68May 31, 2024Updated last year
KTH-LangSec / server-side-prototype-pollution
View on GitHub
A collection of Server-Side Prototype Pollution gadgets and exploits
☆223Feb 6, 2025Updated last year
doyensec / Unsafe-Unpacking
View on GitHub
Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
☆43Dec 16, 2024Updated last year
CFandR-github / PHP-binary-bugs
View on GitHub
PHP binary bugs advisory
☆179Jul 30, 2022Updated 3 years ago
nullenc0de / Cognitohunter
View on GitHub
A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…
☆21Jan 20, 2025Updated last year
yeswehack / Dom-Explorer
View on GitHub
☆39Sep 21, 2025Updated 5 months ago