evilsocket / jscytheLinks
Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code.
☆329Updated 11 months ago
Alternatives and similar repositories for jscythe
Users that are interested in jscythe are comparing it to the libraries listed below
Sorting:
- Take over macOS Electron apps' TCC permissions☆210Updated 2 years ago
- Intercept stdin/stdout/stderr for any process☆198Updated 2 years ago
- Execute ELF files without dropping them on disk☆495Updated last year
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…☆192Updated last year
- Minimal code to connect to a CEF debugger.☆208Updated 5 years ago
- A crossplatform mDNS enumeration tool.☆355Updated 2 years ago
- CQ, a code security scanner☆100Updated last year
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆147Updated 2 years ago
- One-stop TLS traffic inspection and manipulation using dynamic instrumentation☆242Updated 3 years ago
- ☆169Updated 2 years ago
- ☆205Updated 10 months ago
- A structure-aware HTTP fuzzing library☆214Updated 8 months ago
- List of Trusted Types bypasses☆101Updated last year
- Electron Research☆71Updated 3 years ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆104Updated 3 months ago
- Blazing fast, advanced Padding Oracle exploit☆256Updated this week
- A web client port-scanner written in GO, that supports the WASM/WASI interface for Browser WebAssembly runtime execution.☆156Updated 2 years ago
- tool for generating wordlists or extending an existing one using mutations.☆387Updated 2 months ago
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆137Updated 2 years ago
- ☆49Updated 2 years ago
- Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious S…☆236Updated last year
- 🤩 Emoji shellcoding tools for RISC-V (32-bit and 64-bit)☆175Updated 3 weeks ago
- Advanced exploits that I wrote for Pwn2Own competitions and other occasions☆169Updated last year
- StringCheese is a CTF tool to solve easy challenges automatically in many cases where a strings | grep is just not enough☆85Updated 4 years ago
- A little bit less hackish way to intercept and modify non-HTTP protocols through Burp & others.☆212Updated 3 years ago
- MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash☆791Updated 2 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Updated 4 years ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆299Updated this week
- No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are alread…☆186Updated 4 years ago
- A curated list of awesome browser security learning material.☆143Updated 2 years ago