Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.
☆234Oct 8, 2024Updated last year
Alternatives and similar repositories for wrapwrap
Users that are interested in wrapwrap are comparing it to the libraries listed below
Sorting:
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆505Sep 30, 2024Updated last year
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆326Jun 2, 2024Updated last year
- ☆993Jan 23, 2023Updated 3 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆111Jun 23, 2025Updated 8 months ago
- ☆349Jan 24, 2023Updated 3 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆92Mar 25, 2024Updated last year
- 构造字节在ASCII范围内的jar☆139Feb 14, 2022Updated 4 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,749Sep 29, 2025Updated 4 months ago
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Apr 29, 2024Updated last year
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆139Mar 11, 2024Updated last year
- dotnet 反序列化学习笔记☆513Oct 19, 2023Updated 2 years ago
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- Java RMI Vulnerability Scanner☆916Jul 3, 2024Updated last year
- some fun php exploits☆81Nov 12, 2024Updated last year
- 一款使用Yaml定义搜索规则来搜索Class的工具☆108Aug 2, 2023Updated 2 years ago
- ☆95Sep 2, 2024Updated last year
- Find all libraries on cdn.js that pollute your prototype☆19Sep 1, 2022Updated 3 years ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆223Feb 6, 2025Updated last year
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆115Mar 27, 2024Updated last year
- A (small) web exploit framework☆97Dec 26, 2025Updated 2 months ago
- PoC for CVE-2023-4911☆389Oct 4, 2023Updated 2 years ago
- A small utility to translate NTDS.dit files to SQLite format.☆83Oct 11, 2023Updated 2 years ago
- A neo4j procedure for tabby☆137May 17, 2025Updated 9 months ago
- Prototype Pollution and useful Script Gadgets☆1,584Jan 27, 2024Updated 2 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- 无需文件落地Agent内存马生成器☆249May 30, 2024Updated last year
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆754Dec 2, 2022Updated 3 years ago
- 使用 agent 实现反序列化 utf8 overlong☆83Apr 24, 2024Updated last year
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆545Mar 6, 2025Updated 11 months ago
- ☆49Dec 4, 2023Updated 2 years ago
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆502Jan 12, 2026Updated last month
- Just another Powerview alternative but on steroids☆868Updated this week
- 专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF☆1,225Updated this week
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,302Apr 18, 2023Updated 2 years ago
- ☆28Aug 12, 2023Updated 2 years ago
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆67Mar 18, 2024Updated last year
- Reverse-engineer a Dockerfile from a Docker image.☆15Nov 7, 2023Updated 2 years ago
- Topic: The Swiss Army Knife of Java Exploitation☆21Feb 25, 2025Updated last year
- CVE-2024-43044的利用方式☆20Aug 13, 2024Updated last year