httpoxy / php-fpm-httpoxy-poc
A PoC for exploiting Guzzle's HTTP_PROXY untrusted read
☆53Updated 8 years ago
Related projects: ⓘ
- ☆24Updated this week
- Examples from The Hitchhiker's Guide To Cross-Site Scripting (XSS)☆45Updated 12 years ago
- CodeIgniter <=2.1.4 session cookie decryption vulnerability☆39Updated 8 years ago
- 🔥 A checker site for MS15-034 / CVE-2015-1635☆38Updated 9 years ago
- A script that inspects multi-byte character sets looking for characters with specific user-defined properties☆25Updated 8 years ago
- Chrome < 62 uxss exploit (CVE-2017-5124)☆161Updated 6 years ago
- PHPEB is a small tool that generates and stores obfuscated shellcode in user specified EXIF handlers.☆78Updated 7 years ago
- Win32/Critroni (CTB-Locker) - Web version☆37Updated 8 years ago
- ☆20Updated this week
- PHP tool to scan ADOdb code for SQL Injections☆31Updated 8 years ago
- Scalp! is a log analyzer for the Apache web server that aims to look for security problems☆57Updated 3 years ago
- A php webshell run under linux based webservers. v0.05☆47Updated 9 years ago
- Duncan - Blind SQL injector skeleton☆56Updated 2 years ago
- Fuzzer for PHP internal functions☆31Updated 12 years ago
- A dashboard for interesting DOM tricks/techniques.☆36Updated 3 years ago
- SSRF Protection Library for PHP - http://safecurl.fin1te.net☆73Updated last year
- ☆80Updated 3 years ago
- Abusing fts3_tokenizer☆10Updated 8 years ago
- PHP extension for web-application dynamic analysis.☆27Updated 5 years ago
- Server Shield is a lightweight method of protecting and hardening your Linux server. It is easy to install, hard to mess up, and makes yo…☆173Updated 11 years ago
- ☆34Updated this week
- Django Web UI contributed by Yandex for w3af.☆51Updated 9 years ago
- Proof-of-concept to exploit the flaw in the PHP-GD built-in function, imagecreatefromjpeg()☆143Updated 9 years ago
- Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers☆71Updated 7 years ago
- Webkit uxss exploit (CVE-2017-7089)☆64Updated 6 years ago
- A CSRF demonstration of stealing local Redis data, and encrypting all Redis instances on a local network☆53Updated 7 years ago
- ☆21Updated this week
- ☆73Updated this week
- A PHP version scanner for reporting possible vulnerabilities☆254Updated 4 years ago
- ☆71Updated 8 years ago