ezequielpereira / GAE-RCELinks
Google App Engine - Remote Code Execution bug ($36k bug bounty)
☆151Updated 7 years ago
Alternatives and similar repositories for GAE-RCE
Users that are interested in GAE-RCE are comparing it to the libraries listed below
Sorting:
- Chrome < 62 uxss exploit (CVE-2017-5124)☆161Updated 7 years ago
- ☆270Updated 2 years ago
- The challenge source code and solutions for FBCTF 2019☆201Updated 2 years ago
- ☆232Updated 6 years ago
- A list of publicly known but unfixed security bugs☆237Updated 7 years ago
- This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits☆253Updated 5 years ago
- A visual fuzzer written in NodeJS to find Zalgo characters☆53Updated 7 years ago
- ☆92Updated 6 years ago
- 35C3 Junior CTF pwnables☆148Updated 6 years ago
- X41 Browser Security White Paper - Tools and PoCs☆184Updated 7 years ago
- ☆166Updated 6 years ago
- TLS Redirection☆120Updated 7 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 7 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141Updated 8 years ago
- BSidesSF CTF 2017 release☆126Updated 3 years ago
- The Internetwache CTF 2016 repository☆73Updated 4 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- Proof of concept of LibreOffice remote arbitrary file disclosure vulnerability☆96Updated 7 years ago
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆56Updated 3 years ago
- Authenticate against a MySQL server without knowing the cleartext password☆227Updated 3 years ago
- ☆29Updated 6 years ago
- Improved decoder for Burp Suite☆137Updated 3 years ago
- Proof-of-concept program that is able to to hijack/hook/proxy Python module(s) thanks to $PYTHONPATH variable☆152Updated 8 years ago
- ☆133Updated 9 years ago
- Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107)☆190Updated 6 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago
- SSRF Protection Library for PHP - http://safecurl.fin1te.net☆73Updated last year
- Publicly released tools/plugins from PPP for DEFCON 25 CTF Finals☆141Updated 6 years ago
- A command line Hash Identifying tool.☆101Updated 6 years ago
- PoC for CVE-2018-1002105.