This document describes common misconfigurations of F5 Networks BigIP systems.
☆234Aug 1, 2019Updated 6 years ago
Alternatives and similar repositories for bigipsecurity
Users that are interested in bigipsecurity are comparing it to the libraries listed below
Sorting:
- Scans tcl for command injection☆36May 24, 2019Updated 6 years ago
- A Tool to Extract Open Kibana Instances on Internet and Map them to their Corresponding Organizations for Bug Bounty.☆16Sep 7, 2019Updated 6 years ago
- Research on GraphQL from an AppSec point of view.☆418May 24, 2023Updated 2 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Sep 19, 2019Updated 6 years ago
- CVE-2018-13379☆254Aug 14, 2019Updated 6 years ago
- a parser + crawler for .DS_Store files exposed publically☆56Jun 6, 2023Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- A tool to find sensitive keys and passwords in Travis logs☆139Jun 27, 2021Updated 4 years ago
- ASM Application Ready Templates☆23Apr 12, 2022Updated 3 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- HTTP.ninja☆148Sep 3, 2023Updated 2 years ago
- Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal☆106May 25, 2020Updated 5 years ago
- shell over ICMP☆19Dec 8, 2012Updated 13 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,514Jan 21, 2020Updated 6 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Sep 2, 2019Updated 6 years ago
- TMOS parser and application extractor☆14Jan 3, 2026Updated 2 months ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆736May 4, 2019Updated 6 years ago
- exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts☆166Aug 29, 2023Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆94Sep 7, 2023Updated 2 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35May 24, 2024Updated last year
- SQL Server Reporting Services(CVE-2020-0618)中的RCE☆198Feb 15, 2020Updated 6 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆659Feb 1, 2025Updated last year
- Enumerate AD through LDAP with a collection of helpfull scripts being bundled☆144Feb 19, 2026Updated last week
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.☆305Sep 7, 2022Updated 3 years ago
- PEAS is a Python 2 library and command line application for running commands on an ActiveSync server e.g. Microsoft Exchange.☆185Jan 16, 2023Updated 3 years ago
- This is a list of what I consider F5 LTM iRule development best practices.☆21Jun 5, 2015Updated 10 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- notorious BIG IP☆15Aug 8, 2019Updated 6 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- Fast directory scanning and scraping tool☆630Feb 5, 2026Updated 3 weeks ago
- List DTDs and generate XXE payloads using those local DTDs.☆648Feb 21, 2024Updated 2 years ago
- Exploit for CVE-2020-3952 in vCenter 6.7☆277Apr 16, 2020Updated 5 years ago
- Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses☆50Aug 8, 2020Updated 5 years ago
- Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script☆27Feb 1, 2024Updated 2 years ago