Blazing fast, advanced Padding Oracle exploit
ā267Dec 12, 2025Updated 3 months ago
Alternatives and similar repositories for padre
Users that are interested in padre are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- š CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.ā217Feb 3, 2023Updated 3 years ago
- Analyze your tryhackme progress!ā12May 27, 2024Updated last year
- Black box fuzzer for web applicationsā437Jul 20, 2025Updated 8 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.ā313May 16, 2024Updated last year
- CLI tool for PKCS7 padding oracle attacksā142Feb 25, 2021Updated 5 years ago
- Wordpress hosting with auto-scaling on Cloudways ā¢ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Cloud Exploit Frameworkā112May 11, 2022Updated 3 years ago
- An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228ā12Dec 12, 2021Updated 4 years ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headersā358Dec 14, 2023Updated 2 years ago
- A Burp Extension that makes it easier to view all script code on a Response.ā17Nov 12, 2023Updated 2 years ago
- A small reverse shell for Linux & Windowsā619Jun 5, 2024Updated last year
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for cā¦ā438Dec 30, 2025Updated 2 months ago
- Scanning tool for identifying local privilege escalation issues in vulnerable MSI installersā126Sep 12, 2024Updated last year
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.ā518Jun 22, 2022Updated 3 years ago
- ā27Aug 18, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient ā¢ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate inā21Dec 22, 2022Updated 3 years ago
- šŖ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.ā969Jan 10, 2025Updated last year
- A couple of different scripts, made to automate attacks against NoSQL databases.ā66Mar 13, 2024Updated 2 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsā1,297Aug 7, 2025Updated 7 months ago
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.ā28Nov 12, 2023Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secretsā246Feb 4, 2026Updated last month
- User enumeration and password spraying tool for testing Azure ADā71Mar 3, 2022Updated 4 years ago
- An IIS short filename enumeration toolā1,132Nov 25, 2024Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. š¦ā660Aug 28, 2025Updated 7 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI ā¢ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsā300Sep 8, 2023Updated 2 years ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.ā281Sep 11, 2025Updated 6 months ago
- JMX enumeration and attacking tool.ā499Jun 26, 2025Updated 9 months ago
- Automated HTTP Request Repeating With Burp Suiteā39Apr 3, 2023Updated 2 years ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilitiesā31Jan 17, 2022Updated 4 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectorsā90Feb 3, 2024Updated 2 years ago
- reverse shell using curlā476Apr 20, 2024Updated last year
- Exploits targeting vBulletin.ā74Apr 15, 2023Updated 2 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!ā987Jan 12, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean ā¢ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- jsleak is a tool to find secret , paths or links in the source code during the recon.ā581Sep 25, 2025Updated 6 months ago
- Spartacus DLL/COM Hijacking Toolkitā1,080Feb 1, 2024Updated 2 years ago
- Source code and examples for PassiveAggressionā64Jun 6, 2024Updated last year
- ā20Jan 12, 2022Updated 4 years ago
- ā621Feb 5, 2026Updated last month
- ā307Mar 15, 2025Updated last year
- Burp extension to track your current IP address. Extension focused for red teams where the attacker needs to log all used IP addresses.ā26Nov 2, 2025Updated 4 months ago