ffleming / timing_attack
Perform timing attacks against web applications
☆119Updated 4 years ago
Related projects: ⓘ
- BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.☆172Updated last year
- A simple tool for offline searching of default credentials for network devices, web applications and more.☆165Updated 6 years ago
- Working Python test and PoC for CVE-2018-11776, includes Docker lab☆126Updated 6 years ago
- ☆178Updated 10 years ago
- myBFF - a Brute Force Framework☆137Updated 9 months ago
- VOIP Security Audit Framework☆106Updated 6 years ago
- The Guppy Proxy (GUI Pappy)☆142Updated 5 years ago
- vcsmap is a plugin-based tool to scan public version control systems for sensitive information.☆134Updated 3 years ago
- A DNS connectback shell executed by strings in payloads.txt☆100Updated last year
- try privilege escalation changing sudo command☆118Updated 6 years ago
- The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch☆111Updated 3 years ago
- DEPRECATED, Nozzlr is a bruteforce framework, trully modular and script-friendly☆63Updated last year
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆252Updated 3 months ago
- XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF,…☆76Updated 5 years ago
- Very crude and poorly written HTTP(s) and SMTP bin☆92Updated 3 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆135Updated 4 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 7 years ago
- Improved decoder for Burp Suite☆134Updated 3 years ago
- Tool to help identify timing attacks☆68Updated 13 years ago
- Some scripts and exploits☆142Updated 6 years ago
- Abusing Self-XSS and Clickjacking to trigger XSS☆130Updated 7 years ago
- ☆87Updated 3 months ago
- Everything you need to exploit overly permissive crossdomain.xml files☆86Updated 9 years ago
- ☆89Updated 5 years ago
- DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.☆145Updated 5 years ago
- Network based protocol fuzzer☆66Updated 2 years ago
- Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.☆46Updated 7 years ago
- Dumain Bruteforcer - a fast and flexible domain bruteforcer☆53Updated 6 years ago
- Rex provides a variety of classes useful for security testing and exploit development.☆50Updated 11 months ago