This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
☆78Feb 5, 2018Updated 8 years ago
Alternatives and similar repositories for json-flash-csrf-poc
Users that are interested in json-flash-csrf-poc are comparing it to the libraries listed below
Sorting:
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- CVE-2018-4407 IOS/macOS kernel crash☆13Feb 23, 2019Updated 7 years ago
- Some debug notes and exploit(not blind)☆39Jul 28, 2019Updated 6 years ago
- Penetration Testing Platform (Front-End Code)☆17Jan 5, 2023Updated 3 years ago
- xss payloads generator☆25Mar 1, 2019Updated 7 years ago
- Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls☆42Jan 22, 2016Updated 10 years ago
- Nodejs application intentionally vulnerable to SSRF☆42May 12, 2023Updated 2 years ago
- Apache Solr DataImport Handler RCE☆91Aug 12, 2019Updated 6 years ago
- CVE-2018-19537☆20Nov 26, 2018Updated 7 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Dec 30, 2018Updated 7 years ago
- Shiro-721 RCE Via RememberMe Padding Oracle Attack☆269Oct 29, 2020Updated 5 years ago
- libssh CVE-2018-10933☆21Oct 20, 2018Updated 7 years ago
- Dockerized BeEF☆44Dec 7, 2021Updated 4 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 7 years ago
- Script hecho en python, para sacar la IP, de las paginas web.☆11Aug 25, 2022Updated 3 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- ☆83Jan 11, 2018Updated 8 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Oct 31, 2019Updated 6 years ago
- django 漏洞:CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC☆103Feb 13, 2020Updated 6 years ago
- 一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项☆78Jul 21, 2020Updated 5 years ago
- 针对域名/页面的接口爬取,递归模式入库☆22Sep 18, 2019Updated 6 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.☆216Mar 31, 2019Updated 6 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Jun 25, 2019Updated 6 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116May 17, 2019Updated 6 years ago
- 用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell☆41May 6, 2021Updated 4 years ago
- PoC for CVE-2018-1002105.☆222Dec 21, 2018Updated 7 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- nmap默认的scripts和自己收集的一些scripts☆21Feb 22, 2018Updated 8 years ago
- ☆12May 22, 2018Updated 7 years ago
- ☆13Feb 22, 2024Updated 2 years ago
- cve-2019-0604 SharePoint RCE exploit☆40Jun 26, 2019Updated 6 years ago
- 域信息收集工具☆11Jun 5, 2023Updated 2 years ago
- Various CTF challenge solutions☆12Apr 20, 2021Updated 4 years ago