cfreal / tenLinks
A (small) web exploit framework
☆93Updated 2 weeks ago
Alternatives and similar repositories for ten
Users that are interested in ten are comparing it to the libraries listed below
Sorting:
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆101Updated 2 months ago
- CVE-2023-33733 reportlab RCE☆119Updated last year
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆133Updated 5 years ago
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆225Updated 10 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆133Updated last year
- out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability☆138Updated last year
- Repository to store exploits created by Assetnotes Security Research team☆182Updated last year
- LFI to RCE via phpinfo() assistance or via controlled log file☆70Updated 2 years ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆104Updated 3 months ago
- GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab…☆141Updated 2 years ago
- A script to automate privilege escalation with CVE-2023-22809 vulnerability☆156Updated 2 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- Utility for creating ZipSlip archives☆74Updated 2 years ago
- Deserialization payload generator for a variety of .NET formatters☆111Updated last week
- CVE-2024-3400 Palo Alto OS Command Injection☆160Updated last year
- Dockerized POC for CVE-2022-42889 Text4Shell☆76Updated 2 years ago
- Ubuntu Privilege Escalation bash one-liner using CVE-2023-32629 & CVE-2023-2640☆108Updated last year
- RCE exploit for CVE-2023-3519☆226Updated 2 years ago
- Tool to enable blind sql injection attacks against websockets using sqlmap☆64Updated 3 months ago
- Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpick…☆119Updated last year
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆128Updated last year
- A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read☆217Updated 5 months ago
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆196Updated 9 months ago
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆17Updated 11 months ago
- PHP binary bugs advisory☆180Updated 3 years ago
- Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)☆117Updated 8 months ago
- CVE-2022-0847☆81Updated 3 years ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆98Updated last year
- CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞☆62Updated 2 years ago