esmog / nodexp
NodeXP - A Server Side Javascript Injection tool capable of detecting and exploiting Node.js vulnerabilities
☆105Updated 3 years ago
Related projects: ⓘ
- A tool that help you to guess how your shell was renamed after the server-side script of the file uploader saved it☆64Updated 3 years ago
- Script to automate PUT HTTP method exploitation to get shell☆124Updated 4 years ago
- subdomain bruteforce list☆96Updated 2 years ago
- Automated Pentest Tools Designed For Parrot Linux☆84Updated 5 years ago
- A tool to generate media files with malicious metadata☆123Updated 5 years ago
- Automatic remote/local file inclusion vulnerability analysis and exploit tool☆60Updated 5 years ago
- Everything you need to exploit overly permissive crossdomain.xml files☆86Updated 9 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆58Updated 5 years ago
- Automate Metasploit scanning and exploitation☆108Updated this week
- A web application for generating custom XSS payloads☆75Updated 4 years ago
- Local File Inclusion Exploitation Tool (mirror)☆121Updated 7 years ago
- Simple Server Side Request Forgery services enumeration tool.☆54Updated 6 years ago
- Dirbuster plugin for Burp Suite☆70Updated 7 years ago
- HTTPoxy Exploit Scanner by 1N3 @CrowdShield☆102Updated 7 years ago
- ☆61Updated this week
- A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commo…☆46Updated 2 years ago
- HTML5 WebSocket message fuzzer☆141Updated 5 years ago
- davtest (improved)- Exploits WebDAV folders☆101Updated last year
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆136Updated 3 years ago
- Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity☆196Updated 2 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Updated 6 years ago
- An interactive OOB XXE data exfiltration tool☆90Updated 7 years ago
- ☆130Updated this week
- ☆133Updated this week
- Extension of sublister tool to check for subdomain takeovers☆22Updated 6 years ago
- GitBackdorizer (bad name, I know!) Is a proof of concept from Ulisses Castro's talk - 50 ton of backdoors (https://www.slideshare.net/uli…☆49Updated 6 years ago
- Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdom…☆101Updated last year
- A wrapper for Nmap to quickly run network scans☆145Updated 3 years ago
- XSS Hunter Burp Plugin☆148Updated 6 years ago
- Automating Jenkins Hacking using Shodan API☆94Updated 6 years ago