A (small) web exploit framework
☆97Dec 26, 2025Updated 2 months ago
Alternatives and similar repositories for ten
Users that are interested in ten are comparing it to the libraries listed below
Sorting:
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆112Jun 23, 2025Updated 8 months ago
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆237Oct 8, 2024Updated last year
- PoC☆12Apr 7, 2025Updated 11 months ago
- some fun php exploits☆82Nov 12, 2024Updated last year
- stealth userland kit that doesn't use sys_clone/sys_execve call☆35Apr 10, 2025Updated 11 months ago
- xortigate-cve-2023-27997☆65Oct 12, 2023Updated 2 years ago
- Py写的tsh的流量加解密过程。☆28Aug 15, 2022Updated 3 years ago
- Exploits targeting vBulletin.☆74Apr 15, 2023Updated 2 years ago
- A simple C2 using Google Translate Webpage for data evasion☆12Jan 30, 2023Updated 3 years ago
- SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)☆286Mar 5, 2025Updated last year
- Exploits targeting Symfony☆214Sep 19, 2024Updated last year
- A simple pickle assembler to make handcrafting pickle bytecode easier.☆15Apr 16, 2021Updated 4 years ago
- Unauthenticated RCE on CraftCMS when PHP `register_argc_argv` config setting is enabled☆48Dec 23, 2024Updated last year
- Fork of ligolo-ng with exec and service capability☆17Oct 30, 2023Updated 2 years ago
- CTFの解法をまとめる。☆163Oct 7, 2025Updated 5 months ago
- A PoC of a privilege escalation vulnerability in the Realtek rtkio64 Windows driver.☆20Jul 6, 2020Updated 5 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆68May 31, 2024Updated last year
- ☆24Nov 19, 2024Updated last year
- [CVE-2019-18935] Telerik UI for ASP.NET AJAX (RadAsyncUpload Handler) .NET JSON Deserialization☆16Aug 25, 2020Updated 5 years ago
- Crackmapexec custom scripts used in my internal pentests.☆25Nov 12, 2023Updated 2 years ago
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)☆89Jun 13, 2024Updated last year
- Repository to keep track of python memory corruption bugs that can be used to potentially bypass audit hooks☆65Dec 28, 2025Updated 2 months ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 3 months ago
- CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP☆22Feb 23, 2025Updated last year
- ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com☆21Dec 5, 2022Updated 3 years ago
- Proof of conept to exploit vulnerable proxycommand configurations on ssh clients☆19Dec 21, 2023Updated 2 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,768Sep 29, 2025Updated 5 months ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆13Dec 13, 2021Updated 4 years ago
- ownCloud exploits for CVE-2023-49105☆37Dec 5, 2023Updated 2 years ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Searching .evtx logs for remote connections☆24Jul 6, 2023Updated 2 years ago
- Challenges I wrote for various CTF competitions☆44Jul 21, 2024Updated last year
- angr-wrapper is a simple script to automatise and accelerate your basic use of angr (to solve CTF challenges for example)☆14Dec 18, 2021Updated 4 years ago
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆325Jun 2, 2024Updated last year
- ☆37Jan 4, 2026Updated 2 months ago
- ☆10Apr 11, 2013Updated 12 years ago
- A cybersecurity challenge, based on a real world finding☆12Jul 11, 2024Updated last year
- A collection of one off hacks and simple scripts☆26Mar 21, 2023Updated 3 years ago