brannondorsey / dns-rebind-toolkit

Related projects ⓘ

Alternatives and complementary repositories for dns-rebind-toolkit

• brannondorsey / whonow
  A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
  ☆627Updated 2 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆482Updated 3 years ago
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆366Updated 3 years ago
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆423Updated 4 years ago
• dxa4481 / cssInjection
  Stealing CSRF tokens with CSS injection (without iFrames)
  ☆318Updated 6 years ago
• PortSwigger / collaborator-everywhere
  A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by caus…
  ☆425Updated 11 months ago
• pathetiq / BurpSmartBuster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆383Updated 4 years ago
• rmikehodges / hideNsneak
  a CLI for ephemeral penetration testing
  ☆7Updated 4 years ago
• blacknbunny / CVE-2018-10933
  Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH)
  ☆496Updated 11 months ago
• mazen160 / struts-pwn_CVE-2018-11776
  An exploit for Apache Struts CVE-2018-11776
  ☆301Updated 6 years ago
• mpgn / poodle-PoC
  Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566
  ☆251Updated last year
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆394Updated 4 years ago
• orangetw / Tiny-URL-Fuzzer
  A tiny and cute URL fuzzer
  ☆387Updated 2 years ago
• ropnop / serverless_toolkit
  A collection of useful Serverless functions I use when pentesting
  ☆381Updated last year
• franccesco / getaltname
  Extract subdomains from SSL certificates in HTTPS sites.
  ☆369Updated last week
• davidpepper / fierce-domain-scanner
  Fierce.pl Domain Scanner
  ☆293Updated 5 years ago
• cyberheartmi9 / CVE-2017-12617
  Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
  ☆390Updated 7 years ago
• frizb / Bypassing-Web-Application-Firewalls
  A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
  ☆273Updated 6 years ago
• bitquark / dnspop
  Analysis of DNS records to find popular trends
  ☆442Updated 8 years ago
• bugbountyforum / XSS-Radar
  ☆318Updated 6 years ago
• 0x4D31 / burpa
  Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…
  ☆481Updated 6 years ago
• mandatoryprogrammer / cloudflare_enum
  Cloudflare DNS Enumeration Tool for Pentesters
  ☆516Updated 2 years ago
• jobertabma / ground-control
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆532Updated 7 years ago
• zMarch / Orc
  Orc is a post-exploitation framework for Linux written in Bash
  ☆390Updated 5 years ago
• allfro / BurpKit
  Next-gen BurpSuite penetration testing tool
  ☆456Updated 8 years ago
• lightbulb-framework / lightbulb-framework
  Tools for auditing WAFS
  ☆458Updated 3 years ago
• ngalongc / AutoLocalPrivilegeEscalation
  An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
  ☆486Updated 3 years ago
• nccgroup / shocker
  A tool to find and exploit servers vulnerable to Shellshock
  ☆333Updated last year
• mandatoryprogrammer / xssless
  An automated XSS payload generator written in python.
  ☆316Updated 8 years ago