A (small) web exploit framework
☆98Dec 26, 2025Updated 6 months ago
Alternatives and similar repositories for ten
Users that are interested in ten are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆505Sep 30, 2024Updated last year
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆114Jun 23, 2025Updated last year
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆242Oct 8, 2024Updated last year
- PoC☆12Apr 7, 2025Updated last year
- some fun php exploits☆81Nov 12, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- stealth userland kit that doesn't use sys_clone/sys_execve call☆35Apr 10, 2025Updated last year
- xortigate-cve-2023-27997☆63Oct 12, 2023Updated 2 years ago
- Py写的tsh的流量加解密过程。☆28Aug 15, 2022Updated 3 years ago
- Exploits targeting vBulletin.☆75Apr 15, 2023Updated 3 years ago
- A simple C2 using Google Translate Webpage for data evasion☆12Jan 30, 2023Updated 3 years ago
- SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)☆292Mar 5, 2025Updated last year
- A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.☆163Jun 22, 2026Updated last week
- ☆29Oct 18, 2022Updated 3 years ago
- Exploits targeting Symfony☆216Sep 19, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A simple pickle assembler to make handcrafting pickle bytecode easier.☆15Apr 16, 2021Updated 5 years ago
- Unauthenticated RCE on CraftCMS when PHP `register_argc_argv` config setting is enabled☆47Dec 23, 2024Updated last year
- Fork of ligolo-ng with exec and service capability☆16Oct 30, 2023Updated 2 years ago
- A PoC of a privilege escalation vulnerability in the Realtek rtkio64 Windows driver.☆21Jul 6, 2020Updated 5 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆72May 31, 2024Updated 2 years ago
- ☆24Nov 19, 2024Updated last year
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆62Dec 18, 2025Updated 6 months ago
- [CVE-2019-18935] Telerik UI for ASP.NET AJAX (RadAsyncUpload Handler) .NET JSON Deserialization☆16Aug 25, 2020Updated 5 years ago
- Crackmapexec custom scripts used in my internal pentests.☆25Nov 12, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)☆90Jun 13, 2024Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆368Dec 13, 2025Updated 6 months ago
- CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP☆22Feb 23, 2025Updated last year
- ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com☆21Dec 5, 2022Updated 3 years ago
- Proof of conept to exploit vulnerable proxycommand configurations on ssh clients☆19Dec 21, 2023Updated 2 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,836Sep 29, 2025Updated 9 months ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆13Dec 13, 2021Updated 4 years ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Searching .evtx logs for remote connections☆24Jul 6, 2023Updated 2 years ago
- angr-wrapper is a simple script to automatise and accelerate your basic use of angr (to solve CTF challenges for example)☆14Dec 18, 2021Updated 4 years ago
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆332Jun 2, 2024Updated 2 years ago
- Source code for the DEF CON 33 CTF Finals.☆32Aug 26, 2025Updated 10 months ago
- ☆10Apr 11, 2013Updated 13 years ago
- Challenges I wrote for various CTF competitions☆45Jul 21, 2024Updated last year
- A cybersecurity challenge, based on a real world finding☆11Jul 11, 2024Updated last year