cnotin / RazorVulnerableApp
DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SSTI). For training and testing purposes.
☆26Updated 4 years ago
Alternatives and similar repositories for RazorVulnerableApp:
Users that are interested in RazorVulnerableApp are comparing it to the libraries listed below
- Exploits developed by Mikael Kall☆47Updated last year
- #BugBounty #BugBounty Tools #WebDeveloper Tool☆36Updated 5 years ago
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆43Updated 3 years ago
- A Burp Suite extension to add a custom header (e.g. JWT)☆19Updated 3 years ago
- Gopher Tomcat Deployer☆47Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆39Updated 3 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆75Updated 4 years ago
- XMLRPC - RCE in MovableTypePoC☆21Updated 2 years ago
- ☆33Updated 4 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆45Updated 4 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 2 years ago
- A Burp extension to show the Collaborator client in a tab☆23Updated 2 years ago
- Query various sources for CVE proof-of-concepts☆49Updated last year
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated 7 months ago
- POC Script for CVE-2020-12800: RCE through Unrestricted File Type Upload☆27Updated 2 years ago
- Guide For WAF Bypass Techniques☆25Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆29Updated 5 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 3 years ago
- ☆34Updated 2 years ago
- ☆46Updated 2 years ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 4 years ago
- Burp Extension that lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap☆36Updated 3 years ago
- Writeup of CVE-2020-15906☆46Updated 4 years ago
- ☆27Updated 3 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Updated 3 years ago
- ☆15Updated 4 years ago
- Copy as XMLHttpRequest BurpSuite extension☆30Updated 3 years ago
- Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077☆31Updated 3 years ago
- 该脚本为Citrix XenMobile 目录遍历漏洞(CVE-2020-8209)批量检测脚本。☆31Updated 4 years ago