huntergregal / PNG-IDAT-Payload-Generator
Generate a PNG with a payload embedded in the IDAT chunk (Based off of previous concepts and code -- credit in README)
☆196Updated last year
Related projects ⓘ
Alternatives and complementary repositories for PNG-IDAT-Payload-Generator
- (PoC) Python version of CVE-2019-11043 exploit by neex☆144Updated 5 years ago
- Exploit for Drupal 7 <= 7.57 CVE-2018-7600☆130Updated 6 years ago
- XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.☆138Updated 5 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆511Updated 4 years ago
- Lab for exploring SSRF vulnerabilities☆245Updated 3 years ago
- A list of useful payloads for Web Application Security and Pentest/CTF☆291Updated 2 months ago
- Another way to bypass WAF Cheat Sheet (draft)☆415Updated 5 years ago
- Redis 4.x & 5.x RCE☆139Updated 5 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆172Updated 4 years ago
- Bypassing WAF by abusing SSL/TLS Ciphers☆303Updated 3 years ago
- POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.☆113Updated 2 years ago
- A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.☆74Updated 5 years ago
- exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts☆161Updated last year
- poison and relay NTLM credentials☆173Updated 5 years ago
- Rogue MySql Server☆467Updated 11 years ago
- MOGWAI LABS JMX exploitation toolkit☆197Updated last year
- Apache Tomcat Remote Code Execution on Windows☆185Updated 4 years ago
- WSDL Parser extension for Burp☆213Updated 6 years ago
- Data extraction tool for Docker Registry API☆123Updated 9 months ago
- Pip install exploit package☆156Updated 5 years ago
- CVE-2020–14882、CVE-2020–14883☆284Updated 3 years ago
- cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vul…☆139Updated 3 years ago
- Jackson Rce For CVE-2019-12384☆97Updated 5 years ago
- Multi-language web CGI interfaces exploits.☆387Updated 2 years ago
- Java serialization brute force attack tool.☆124Updated 7 years ago
- YSOSERIAL Integration with burp suite☆162Updated last year
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆295Updated 5 years ago
- Encoder to bypass WAF filters using XOR operations.☆250Updated 2 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆149Updated 5 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆344Updated last year