evilsocket / jscythe
Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code.
☆320Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for jscythe
- Take over macOS Electron apps' TCC permissions☆191Updated last year
- A crossplatform mDNS enumeration tool.☆344Updated 2 years ago
- Intercept stdin/stdout/stderr for any process☆197Updated 2 years ago
- Blazing fast, advanced Padding Oracle exploit☆236Updated 6 months ago
- A curated list of awesome browser security learning material.☆130Updated 2 years ago
- A web client port-scanner written in GO, that supports the WASM/WASI interface for Browser WebAssembly runtime execution.☆141Updated last year
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆286Updated this week
- A structure-aware HTTP fuzzing library☆206Updated last year
- A fast and secure multi protocol honeypot.☆311Updated 2 years ago
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…☆180Updated 10 months ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆196Updated last year
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆117Updated 2 years ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆252Updated 4 months ago
- A GraphQL enumeration and extraction tool☆128Updated last year
- WebSocket REPL for pentesters☆210Updated 3 months ago
- PP-finder Help you find gadget for prototype pollution exploitation☆138Updated 3 months ago
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆141Updated last year
- Execute ELF files without dropping them on disk☆482Updated 4 months ago
- CQ, a code security scanner☆97Updated 6 months ago
- Rust-based high performance domain permutation generator.☆275Updated 11 months ago
- Minimal code to connect to a CEF debugger.☆197Updated 4 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆367Updated last year
- One-stop TLS traffic inspection and manipulation using dynamic instrumentation☆240Updated 2 years ago
- List of Trusted Types bypasses☆86Updated 7 months ago
- it is very good☆506Updated last year
- d(ockerp)wn - a docker pwn tool manager☆155Updated 3 years ago
- Electron Research☆70Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆498Updated 2 years ago
- High speed/Low cost CommonCrawl RegExp in Node.js☆243Updated 7 months ago
- ☆63Updated last year