dustyfresh / PHP-vulnerability-audit-cheatsheet
This will assist you in finding potentially vulnerable PHP code. Each grep command is categorized by the type of vulnerability you generally find with that function.
☆348 Updated 6 years ago
Alternatives and similar repositories for PHP-vulnerability-audit-cheatsheet:
Users that are interested in PHP-vulnerability-audit-cheatsheet are comparing it to the libraries listed below
- Simple python script to extract unsafe functions from php projects ☆197 Updated 6 years ago
- A mini webserver with FTP support for XXE payloads ☆327 Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer… ☆283 Updated last month
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API. ☆254 Updated 8 months ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains … ☆221 Updated 2 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs. ☆397 Updated 4 years ago
- Linux post exploitation enumeration and exploit checking tools ☆179 Updated 4 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations. ☆310 Updated last year
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras ☆425 Updated 5 years ago
- Utils ☆266 Updated 9 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT ☆394 Updated 7 months ago
- kadimus is a tool to check and exploit lfi vulnerability. ☆526 Updated 4 years ago
- Pentest/BugBounty progress control with scanning modules ☆283 Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale. ☆258 Updated 3 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder ☆280 Updated 7 years ago
- Lesser Known Web Attack Lab ☆331 Updated 5 years ago
- rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments ☆243 Updated 5 years ago
- Fuzzing Payloads to Assist in Web Application Testing. ☆166 Updated 5 years ago
- All my infosec notes I have been building up over the years ☆330 Updated 3 years ago
- DNS Rebinding Exploitation Framework ☆488 Updated 3 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] ☆304 Updated 6 years ago
- Sample vulnerable code and its exploit code ☆189 Updated 3 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure. ☆246 Updated 2 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool. ☆271 Updated 3 years ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c… ☆545 Updated 2 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation" ☆348 Updated 4 years ago
- Automatic tool for DNS rebinding-based SSRF attacks ☆297 Updated 4 years ago
- Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and us… ☆572 Updated 8 months ago
- locate and attack Lync/Skype for Business ☆335 Updated 4 months ago