cnotin / RazorVulnerableApp
DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SSTI). For training and testing purposes.
☆27Updated 4 years ago
Alternatives and similar repositories for RazorVulnerableApp:
Users that are interested in RazorVulnerableApp are comparing it to the libraries listed below
- #BugBounty #BugBounty Tools #WebDeveloper Tool☆37Updated 5 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Updated 4 years ago
- Exploits developed by Mikael Kall☆47Updated last year
- A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.☆5Updated 2 years ago
- ☆27Updated 3 years ago
- Gopher Tomcat Deployer☆48Updated 6 years ago
- Generating payloads to reverse shell in different contexts of java.☆48Updated 2 years ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆55Updated 5 years ago
- PoC for CVE-2021-45897☆18Updated 3 years ago
- ☆60Updated 6 years ago
- 该脚本为Citrix XenMobile 目录遍历漏洞(CVE-2020-8209)批量检测脚本。☆31Updated 4 years ago
- ☆35Updated 3 months ago
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆44Updated 3 years ago
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆40Updated 3 years ago
- Example Vulnerable .NET HTTP Remoting☆84Updated 6 years ago
- Burp Extension that lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap☆36Updated 3 years ago
- Authenticated SSRF in Grafana☆81Updated 10 months ago
- tetctf2020_amf_writeups☆23Updated 4 years ago
- ☆15Updated 4 years ago
- CVE-2020-5410 Spring Cloud Config directory traversal vulnerability☆31Updated 4 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Updated 3 years ago
- 用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞☆52Updated 4 years ago
- ☆51Updated 2 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆29Updated 3 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 4 years ago
- JSON Beautifier for Burp written in Java☆39Updated 5 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Updated 3 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 3 years ago
- Same Origin XSS challenge☆56Updated 3 years ago
- A Burp extension to show the Collaborator client in a tab☆23Updated 2 years ago