devploit / XORpass
Encoder to bypass WAF filters using XOR operations.
☆253Updated 2 years ago
Alternatives and similar repositories for XORpass:
Users that are interested in XORpass are comparing it to the libraries listed below
- Scan Victim Backup Directories & Backup Files☆178Updated last year
- Another way to bypass WAF Cheat Sheet (draft)☆423Updated 6 years ago
- Exploit for Drupal 7 <= 7.57 CVE-2018-7600☆133Updated 7 years ago
- CVE-2020–14882、CVE-2020–14883☆283Updated 4 years ago
- SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities☆182Updated 4 years ago
- exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts☆163Updated last year
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆295Updated 5 years ago
- ☆127Updated 3 years ago
- Bypassing WAF by abusing SSL/TLS Ciphers☆315Updated 3 years ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆178Updated 2 years ago
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.☆176Updated 3 years ago
- ☆206Updated 4 years ago
- Common Web Managers Fuzz Wordlists☆172Updated last month
- CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit☆156Updated 4 years ago
- Bypassing-Web-Application-Firewalls-And-XSS-Filters A series of python scripts for generating weird character combinations and lists for…☆146Updated 4 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆181Updated 4 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆515Updated 4 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆578Updated 4 years ago
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆271Updated 3 months ago
- PoC collection of Atlassian(Jira, Confluence, Bitbucket) products and Jenkins, Solr, Nexus☆175Updated 2 weeks ago
- HTTP file upload scanner for Burp Proxy☆488Updated last year
- ☆182Updated last year
- ☆281Updated 3 years ago
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆76Updated 4 years ago
- XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.☆141Updated 6 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆74Updated 3 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆258Updated 2 years ago
- POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.☆111Updated 2 years ago
- A cli for cracking, testing vulnerabilities on Json Web Token(JWT)☆133Updated 2 months ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆89Updated last year