dustyfresh / PHP-vulnerability-audit-cheatsheet
This will assist you in finding potentially vulnerable PHP code. Each type of grep command is categorized by the type of vulnerabilities you generally find with that function.
☆353 · Updated last month
Alternatives and similar repositories for PHP-vulnerability-audit-cheatsheet:
Users that are interested in PHP-vulnerability-audit-cheatsheet are comparing it to the libraries listed below
- ☆264 · Updated 6 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer… ☆286 · Updated 3 months ago
- Simple python script to extract unsafe functions from php projects ☆199 · Updated 7 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations. ☆313 · Updated last year
- exploit for ImageMagick's uninitialized memory disclosure in gif coder ☆280 · Updated 7 years ago
- A mini webserver with FTP support for XXE payloads ☆330 · Updated last year
- SSRF testing tool ☆244 · Updated 2 years ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains … ☆219 · Updated 2 years ago
- Automatic tool for DNS rebinding-based SSRF attacks ☆299 · Updated 4 years ago
- Sample vulnerable code and its exploit code ☆190 · Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale. ☆259 · Updated 3 years ago
- Payloads for CRLF Injection ☆222 · Updated 6 months ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API. ☆254 · Updated 10 months ago
- Linux post exploitation enumeration and exploit checking tools ☆179 · Updated 5 years ago
- It's bloody scantastic ☆237 · Updated 2 years ago
- Fuzzing Payloads to Assist in Web Application Testing. ☆166 · Updated 5 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] ☆306 · Updated 6 years ago
- rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments ☆246 · Updated 5 years ago
- HTTP.ninja ☆151 · Updated last year
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras ☆425 · Updated 5 years ago
- Pentest/BugBounty progress control with scanning modules ☆281 · Updated 4 years ago
- Various Payload wordlists ☆235 · Updated 4 years ago
- ☆326 · Updated 7 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting. ☆533 · Updated 2 years ago
- Utils ☆267 · Updated 9 years ago
- DNS Rebinding Exploitation Framework ☆489 · Updated 4 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker … ☆257 · Updated 3 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x. ☆314 · Updated 3 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep… ☆253 · Updated last year
- Lesser Known Web Attack Lab ☆331 · Updated 5 years ago