hvqzao / burp-wildcard

Related projects: ⓘ

• wh1t3p1g / ysoserial
  forked from frohoff/ysoserial and added my own payloads.
  ☆149Updated 4 years ago
• mhaskar / XMLDecoder-payload-generator
  A simple python script to generate XML payloads works for XMLDecoder based on ProcessBuilder and Runtime exec
  ☆148Updated 3 years ago
• codewhitesec / ColdFusionPwn
  Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
  ☆96Updated last year
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆123Updated 5 years ago
• jas502n / solr_rce
  Apache Solr RCE via Velocity template
  ☆106Updated 4 years ago
• xawdxawdx / sentrySSRF
  Tool to searching sentry config on page or in javascript files and check blind SSRF
  ☆67Updated 3 months ago
• kiks7 / rusty_joomla_rce
  Rusty Joomla RCE Exploit
  ☆70Updated last year
• 0xzmz / burpsuite_jsapi
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆114Updated last year
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆97Updated 4 years ago
• gh0stkey / BurpSuite-Extender-MarkInfo
  ☆119Updated this week
• gh0stkey / JSONandHTTPP
  Burp Suite Plugin: Convert the json text that returns the body into HTTP request parameters.
  ☆98Updated 3 years ago
• PortSwigger / authz
  ☆104Updated 7 years ago
• theLSA / burp-sensitive-param-extractor
  burpsuite extension for check and extract sensitive request parameter
  ☆109Updated 3 years ago
• random-robbie / cve-2020-0688
  cve-2020-0688
  ☆161Updated 4 years ago
• jas502n / CVE-2019-11580
  CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE
  ☆105Updated 5 years ago
• CHYbeta / OddProxyDemo
  ☆185Updated 4 months ago
• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆100Updated 4 years ago
• ezelf / f5_cookieLeaks
  Decode the cookies set by balancer F5, and disclousure all pool ip
  ☆77Updated 4 years ago
• LandGrey / xxe-ftp-server
  xxe oob receive file via web and ftp server
  ☆92Updated 4 years ago
• Y4er / CVE-2020-14645
  Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()
  ☆79Updated 4 years ago
• wuppp / shiro_rce_exp
  Shiro RCE (Padding Oracle Attack)
  ☆142Updated 4 years ago
• zer0yu / BugBounty
  web fuzzing && bug hunter
  ☆59Updated 2 years ago
• Echocipher / Subdomain-Takeover
  一个子域名接管检测工具
  ☆138Updated 3 years ago
• LandGrey / flink-unauth-rce
  exploit Apache Flink Web Dashboard unauth rce on right way by python2 scripts
  ☆88Updated 4 years ago
• shadowsock5 / notes
  ☆60Updated 9 months ago
• Al1ex / CVE-2020-36179
  CVE-2020-36179~82 Jackson-databind SSRF&RCE
  ☆80Updated 3 years ago
• spaceraccoon / spring-boot-actuator-h2-rce
  Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database
  ☆103Updated 4 years ago
• QdghJ / burp_data_collector
  A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
  ☆89Updated 3 years ago
• GreyOrder / CVE-2021-26855
  ☆130Updated this week
• jas502n / CVE-2019-0232
  Apache Tomcat Remote Code Execution on Windows - CGI-BIN
  ☆75Updated 5 years ago