its-arun / Werkzeug-Debug-RCE
Python script for exploiting Werkzeug Debug RCE useful for CTF
☆32Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Werkzeug-Debug-RCE
- LFI to RCE via phpinfo() assistance or via controlled log file☆59Updated last year
- Python exploit for the CVE-2021-22204 vulnerability in Exiftool☆88Updated 3 years ago
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆69Updated 3 years ago
- Phar + JPG Polyglot generator and playground (CTF CODE)☆72Updated 5 years ago
- ☆39Updated 11 months ago
- CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞☆60Updated last year
- Exploit for CVE-2021-3129☆65Updated 3 years ago
- InfluxDB CVE-2019-20933 vulnerability exploit☆39Updated 2 years ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆54Updated 4 years ago
- POC for CVE-2020-13151☆27Updated 4 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆100Updated 7 months ago
- ☆32Updated 2 years ago
- Wordlist to bruteforce for LFI☆118Updated 5 years ago
- WordPress - Authenticated XXE (CVE-2021-29447)☆42Updated 3 years ago
- Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473☆102Updated 6 months ago
- Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1☆55Updated last year
- OpenNetAdmin 18.1.1 - Remote Code Execution☆29Updated 4 years ago
- Tool to enable blind sql injection attacks against websockets using sqlmap☆56Updated last year
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆39Updated 3 years ago
- ☆44Updated 2 years ago
- A utility for automating the testing and re-signing of Express.js cookie secrets.☆56Updated last year
- Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)☆37Updated 2 years ago
- Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell☆20Updated 2 years ago
- Repo for OSWE related video content for @SecAura Youtube Channel☆30Updated 2 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆112Updated 5 years ago
- Collection of username lists for enumerating kerberos domain users☆80Updated 6 years ago
- Old version of mimikatz for OSCP labs☆16Updated 4 years ago
- Gopher Tomcat Deployer☆47Updated 5 years ago
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆22Updated 3 years ago
- The following package is the standalone wordlist-only component to flask-unsign.☆37Updated 4 months ago