assetnote / react2shell-scannerLinks
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
☆340Updated this week
Alternatives and similar repositories for react2shell-scanner
Users that are interested in react2shell-scanner are comparing it to the libraries listed below
Sorting:
- Explanation and full RCE PoC for CVE-2025-55182☆449Updated this week
- A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnera…☆159Updated this week
- Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection☆435Updated 2 months ago
- jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying se…☆464Updated 2 months ago
- A lightweight GPT model, trained to discover subdomains.☆325Updated last week
- CVE-2025-55182 POC☆552Updated this week
- Original Proof-of-Concept's for React2Shell CVE-2025-55182☆381Updated this week
- This repository presents a proof-of-concept of CVE-2023-7028☆242Updated last year
- JWT Auditor – Analyze, break, and understand your tokens like a pro.☆301Updated 4 months ago
- his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulne…☆178Updated 8 months ago
- CVE-2025-29927 Proof of Concept☆91Updated 8 months ago
- PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC☆301Updated last year
- A fast WordPress plugin enumeration tool☆731Updated last month
- Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)☆161Updated last year
- Bambdas collection for Burp Suite Professional and Community.☆425Updated 2 weeks ago
- A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go.☆133Updated 7 months ago
- MCP Server for Burp☆383Updated last month
- A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.☆806Updated 2 weeks ago
- Local Privilege Escalation to Root via Sudo chroot in Linux☆407Updated 5 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆287Updated last year
- rep+ — Burp-style HTTP Repeater for Chrome DevTools with built‑in AI to explain requests and suggest attacks☆707Updated this week
- Burp Plugin to Bypass WAFs through the insertion of Junk Data☆1,370Updated 4 months ago
- CVE-2024-4367 & CVE-2024-34342 Proof of Concept☆184Updated last year
- gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications (Official BApp Extension Available)☆238Updated last month
- ☆579Updated 3 months ago
- This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).☆243Updated 8 months ago
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆385Updated 3 weeks ago
- PDF Files for Pentesting☆668Updated last year
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …☆284Updated last year
- BrutDroid - Android Studio Pentest Automator: Streamline mobile pentesting with automated emulator rooting, Frida, and Burp Suite integra…☆512Updated 4 months ago