bgeesaman / subpath-exploitLinks
Writeup of CVE-2017-1002101 with sample "exploit"/escape
☆35Updated 7 years ago
Alternatives and similar repositories for subpath-exploit
Users that are interested in subpath-exploit are comparing it to the libraries listed below
Sorting:
- Proof of Concept exploit for Kubernetes CVE-2020-8559☆20Updated 4 years ago
- The SSH Multiplex Backdoor Tool☆64Updated 5 years ago
- 🔐 A concurrent, command-line AWS S3 Fuzzer. Written in Go.☆45Updated 7 years ago
- ☆25Updated 4 years ago
- ☆1Updated 6 years ago
- ☆70Updated 7 years ago
- Some helpful Helm Charts for pentesters☆39Updated 6 years ago
- Go static analysis tool that checks for security issues using an AST.☆28Updated 6 years ago
- A tool to analyse JMX API security level.☆43Updated 10 years ago
- A brute force program to test weak accounts configured to access a JMX Registry☆35Updated 8 years ago
- PoC for CVE-2018-1002105.☆223Updated 6 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Updated 6 years ago
- Disposable Kali Linux containers for Mercury ISS / pentesting engagements.☆38Updated 5 years ago
- Proof-of-concept CORS exploitation tool.☆35Updated 5 years ago
- ☆33Updated 3 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 6 years ago
- Python script to exploit CVE-2015-4852.☆30Updated 8 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- Burp Extension for AWS Signing☆88Updated 4 months ago
- Framework for Automated Security Testing that is Scaleable and Asynchronous built on Microservices☆18Updated 8 years ago
- Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java☆55Updated 8 years ago
- Exploit PoC for Spring RCE issue (CVE-2011-2894)☆43Updated last year
- Full TTY reverse shell over SSH☆58Updated 4 years ago
- DoS PoC's for SAP products☆52Updated 7 years ago
- Another plugin for CRLF vulnerability detection☆26Updated 8 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43Updated 5 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆54Updated 8 years ago
- A collection of published exploits and proof-of-concept code.☆21Updated 7 years ago
- A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.☆42Updated 6 years ago