dreadlocked / ctf-writeups

Related projects ⓘ

Alternatives and complementary repositories for ctf-writeups

• Techlord-RCE / dns-rebind-toolkit
  A front-end JavaScript toolkit for creating DNS rebinding attacks.
  ☆45Updated 6 years ago
• GrrrDog / ZeroNights-WebVillage-2017
  ☆70Updated 7 years ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 6 years ago
• gradiuscypher / bounty_tools
  Various tools for managing bug bounty recon and exploration.
  ☆46Updated last year
• nccgroup / Extractor
  Extension adds a new tab in Burp Suite called Extractor
  ☆42Updated 5 years ago
• tijme / similar-request-excluder
  A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
  ☆43Updated 4 years ago
• ajxchapman / sshreverseshell
  Full TTY reverse shell over SSH
  ☆57Updated 4 years ago
• syriusbughunt / CVE-2018-14667
  All about CVE-2018-14667; From what it is to how to successfully exploit it.
  ☆49Updated 5 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆44Updated 7 years ago
• AppSecConsulting / Pentest-Tools
  Penetration Testing Tools Developed by AppSec Consulting.
  ☆48Updated 5 years ago
• 0x00string / oldays
  public exploits
  ☆35Updated last year
• yolosec / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆34Updated 8 years ago
• federicodotta / BurpJDSer-ng-edited
  Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…
  ☆20Updated 9 months ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆49Updated 8 years ago
• MohitDabas / sastgriper
  A simple grep user interface for searching code which can be used for SAST.
  ☆8Updated 5 years ago
• federicodotta / HandyCollaborator
  Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
  ☆103Updated 6 years ago
• W00t3k / inSp3ctor
  AWS S3 Bucket/Object Finder
  ☆25Updated 7 years ago
• simonuvarov / expdev
  Vulnerable software and exploits used for OSCP/OSCE preparation
  ☆24Updated 7 years ago
• GrrrDog / ACEDcup
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆39Updated 8 years ago
• PortSwigger / freddy-deserialization-bug-finder
  ☆41Updated 4 years ago
• ropnop / xxetimes
  An interactive OOB XXE data exfiltration tool
  ☆90Updated 7 years ago
• destine21 / ZIPFileRaider
  ZIP File Raider - Burp Extension for ZIP File Payload Testing
  ☆70Updated 4 years ago
• issue2report / issue2report
  Generate pentest reports based on github issues.
  ☆17Updated last year
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 6 years ago
• jacob-baines / longtime-sunshine
  Nashorn Post Exploitation
  ☆31Updated 6 years ago