Blazing fast, advanced Padding Oracle exploit
ā276Dec 12, 2025Updated 5 months ago
Alternatives and similar repositories for padre
Users that are interested in padre are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- š CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.ā218Feb 3, 2023Updated 3 years ago
- Analyze your tryhackme progress!ā12May 27, 2024Updated 2 years ago
- Black box fuzzer for web applicationsā439Jul 20, 2025Updated 10 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.ā314May 16, 2024Updated 2 years ago
- CLI tool for PKCS7 padding oracle attacksā142Feb 25, 2021Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer ā¢ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Cloud Exploit Frameworkā112May 11, 2022Updated 4 years ago
- An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228ā12Dec 12, 2021Updated 4 years ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headersā359Dec 14, 2023Updated 2 years ago
- A small reverse shell for Linux & Windowsā638Jun 5, 2024Updated last year
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for cā¦ā441Dec 30, 2025Updated 4 months ago
- A Burp Extension that makes it easier to view all script code on a Response.ā17Nov 12, 2023Updated 2 years ago
- Scanning tool for identifying local privilege escalation issues in vulnerable MSI installersā126Sep 12, 2024Updated last year
- Discover hidden debugging parameters and uncover web application secretsā248Feb 4, 2026Updated 3 months ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.ā518Jun 22, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer ā¢ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ā27Aug 18, 2023Updated 2 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate inā21Dec 22, 2022Updated 3 years ago
- šŖ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.ā975Jan 10, 2025Updated last year
- A couple of different scripts, made to automate attacks against NoSQL databases.ā66Mar 13, 2024Updated 2 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsā1,344Aug 7, 2025Updated 9 months ago
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.ā28Nov 12, 2023Updated 2 years ago
- User enumeration and password spraying tool for testing Azure ADā71Mar 3, 2022Updated 4 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. š¦ā666Aug 28, 2025Updated 9 months ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsā302Sep 8, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways ā¢ AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- An IIS short filename enumeration toolā1,164Nov 25, 2024Updated last year
- Find authentication (authn) and authorization (authz) security bugs in web application routes.ā279Sep 11, 2025Updated 8 months ago
- JMX enumeration and attacking tool.ā505Jun 26, 2025Updated 11 months ago
- Automated HTTP Request Repeating With Burp Suiteā39Apr 3, 2023Updated 3 years ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilitiesā31Jan 17, 2022Updated 4 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectorsā91Feb 3, 2024Updated 2 years ago
- reverse shell using curlā475Apr 20, 2024Updated 2 years ago
- Exploits targeting vBulletin.ā75Apr 15, 2023Updated 3 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!ā1,081Mar 24, 2026Updated 2 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer ā¢ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Source code and examples for PassiveAggressionā64Jun 6, 2024Updated last year
- Spartacus DLL/COM Hijacking Toolkitā1,078Feb 1, 2024Updated 2 years ago
- ā20Jan 12, 2022Updated 4 years ago
- jsleak is a tool to find secret , paths or links in the source code during the recon.ā588Sep 25, 2025Updated 8 months ago
- ā308Mar 15, 2025Updated last year
- ā628Feb 5, 2026Updated 3 months ago
- Burp extension to track your current IP address. Extension focused for red teams where the attacker needs to log all used IP addresses.ā26Nov 2, 2025Updated 6 months ago