ezequielpereira / GAE-RCELinks
Google App Engine - Remote Code Execution bug ($36k bug bounty)
☆151Updated 7 years ago
Alternatives and similar repositories for GAE-RCE
Users that are interested in GAE-RCE are comparing it to the libraries listed below
Sorting:
- ☆272Updated 2 years ago
- Chrome < 62 uxss exploit (CVE-2017-5124)☆160Updated 7 years ago
- A list of publicly known but unfixed security bugs☆237Updated 7 years ago
- Authenticate against a MySQL server without knowing the cleartext password☆226Updated 3 years ago
- ☆166Updated 6 years ago
- This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits☆251Updated 5 years ago
- Proof of concept of LibreOffice remote arbitrary file disclosure vulnerability☆96Updated 7 years ago
- ☆92Updated 6 years ago
- X41 Browser Security White Paper - Tools and PoCs☆184Updated 8 years ago
- The challenge source code and solutions for FBCTF 2019☆201Updated 2 years ago
- One-click utility to test race conditions☆165Updated 8 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141Updated 8 years ago
- The Internetwache CTF 2016 repository☆74Updated 4 years ago
- ☆232Updated 6 years ago
- SSRF Protection Library for PHP - http://safecurl.fin1te.net☆73Updated 2 years ago
- TLS Redirection☆120Updated 7 years ago
- Slack bot for challenge management in large teams☆60Updated 2 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 9 years ago
- ☆28Updated 6 years ago
- Stealing CSRF tokens with CSS injection (without iFrames)☆323Updated 7 years ago
- A security tool to fingerprint PNG libraries used by web applications☆81Updated 6 years ago
- New TLS Padding Oracles☆125Updated 2 years ago
- ☆352Updated 4 years ago
- Running CVE-2017-8759 exploit sample.☆255Updated 5 years ago
- 35C3 Junior CTF pwnables☆148Updated 6 years ago
- DNS rebinding is powerful: how to steal WiFi passwords by just tricking a victim into visiting a website, thanks to that fancy Bang & Olu…☆81Updated 6 years ago
- A visual fuzzer written in NodeJS to find Zalgo characters☆53Updated 7 years ago
- ☆252Updated 4 years ago
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆56Updated 3 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago