farisv / PIL-RCE-Ghostscript-CVE-2018-16509
PoC + Docker Environment for Python PIL/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509
☆58Updated 4 years ago
Alternatives and similar repositories for PIL-RCE-Ghostscript-CVE-2018-16509:
Users that are interested in PIL-RCE-Ghostscript-CVE-2018-16509 are comparing it to the libraries listed below
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆55Updated 5 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆66Updated 2 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- WordPress Plugin Update Confusion☆66Updated 3 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers☆42Updated 3 years ago
- ☆39Updated last year
- Wordlist to bruteforce for LFI☆123Updated 5 years ago
- ☆51Updated 2 years ago
- ☆164Updated 3 years ago
- Burp Bounty profiles☆82Updated 3 years ago
- WordPress - Authenticated XXE (CVE-2021-29447)☆42Updated 3 years ago
- A extension for collecting parameters☆25Updated 4 years ago
- A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks☆58Updated 5 years ago
- Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1☆57Updated last year
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆40Updated 3 years ago
- A Web-UI for subdomain enumeration (subfinder)☆54Updated 4 years ago
- HTTP request smuggling tools☆18Updated 4 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Updated 4 years ago
- Authenticated SSRF in Grafana☆82Updated 10 months ago
- All known and unknown public POC's for wordpress themes and plugins☆78Updated 3 years ago
- A XSS mind map ;)☆56Updated 9 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆109Updated 3 years ago
- Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes☆31Updated 2 years ago
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆70Updated 4 years ago
- Server and avi file to exploit FFmpeg HLS parse☆21Updated 5 years ago
- ☆25Updated 2 years ago
- ☆76Updated 4 years ago
- In this repository I'll host my research and methodologies for auditing vulnerabilities☆30Updated 5 years ago