Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.
☆237Oct 8, 2024Updated last year
Alternatives and similar repositories for wrapwrap
Users that are interested in wrapwrap are comparing it to the libraries listed below
Sorting:
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆504Sep 30, 2024Updated last year
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆325Jun 2, 2024Updated last year
- ☆1,005Jan 23, 2023Updated 3 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆112Jun 23, 2025Updated 8 months ago
- ☆349Jan 24, 2023Updated 3 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,768Sep 29, 2025Updated 5 months ago
- ☆95Sep 2, 2024Updated last year
- A (small) web exploit framework☆97Dec 26, 2025Updated 2 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆92Mar 25, 2024Updated last year
- dotnet 反序列化学习笔记☆513Oct 19, 2023Updated 2 years ago
- Java RMI Vulnerability Scanner☆915Jul 3, 2024Updated last year
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Apr 29, 2024Updated last year
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆140Mar 11, 2024Updated 2 years ago
- 构造字节在ASCII范围内的jar☆139Feb 14, 2022Updated 4 years ago
- 一款使用Yaml定义搜索规则来搜索Class的工具☆108Aug 2, 2023Updated 2 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆115Mar 27, 2024Updated last year
- Prototype Pollution and useful Script Gadgets☆1,601Jan 27, 2024Updated 2 years ago
- Topic: The Swiss Army Knife of Java Exploitation☆21Feb 25, 2025Updated last year
- A collection of Server-Side Prototype Pollution gadgets and exploits☆229Feb 6, 2025Updated last year
- some fun php exploits☆82Nov 12, 2024Updated last year
- ☆50Dec 4, 2023Updated 2 years ago
- A small utility to translate NTDS.dit files to SQLite format.☆83Oct 11, 2023Updated 2 years ago
- A neo4j procedure for tabby☆137May 17, 2025Updated 10 months ago
- CTF challenges I created 🚩☆79Mar 7, 2026Updated 2 weeks ago
- PoC for CVE-2023-4911☆389Oct 4, 2023Updated 2 years ago
- attachments and (some) writeups/source code for RWCTF 6th☆126Feb 2, 2024Updated 2 years ago
- Powerview on steroids☆898Mar 10, 2026Updated last week
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆757Dec 2, 2022Updated 3 years ago
- Find all libraries on cdn.js that pollute your prototype☆19Sep 1, 2022Updated 3 years ago
- BloodyAD is an Active Directory Privilege Escalation Framework☆2,122Feb 27, 2026Updated 3 weeks ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆477May 16, 2024Updated last year
- Writing PHP with only 5 characters☆39Mar 5, 2026Updated 2 weeks ago
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆506Jan 12, 2026Updated 2 months ago
- awd/awdp 小工具,使用 javassist 对 jar 包进行 patch☆31Nov 9, 2023Updated 2 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,324Apr 18, 2023Updated 2 years ago
- ☆23Jan 2, 2023Updated 3 years ago