kh4sh3i / ElasticSearch-Pentesting

Related projects ⓘ

Alternatives and complementary repositories for ElasticSearch-Pentesting

• 0xAkashsky / sub-scout
  Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
  ☆35Updated last year
• liquidsec / aspnetCryptTools
  Just some random small tools for dealing with asp.net Forms Authentication Cookies
  ☆22Updated 3 years ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆38Updated 10 months ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• yeswehack / BCheck-Burp-scripts
  Bcheck scripts for Burp
  ☆23Updated 3 months ago
• spyx / ParamAngler
  ☆27Updated last year
• cyberaz0r / Burp-IISTildeEnumerationScanner
  Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
  ☆55Updated last year
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆38Updated 2 years ago
• bassammaged / awsEnum
  Enumerate AWS cloud resources based on provided credential
  ☆50Updated 2 years ago
• optionalCTF / SSOh-No
  User enumeration and password spraying tool for testing Azure AD
  ☆68Updated 2 years ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆48Updated 2 years ago
• H0j3n / EzpzSharepoint
  ☆24Updated 2 years ago
• GoSecure / request-smuggling-workshop
  ☆23Updated last year
• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆50Updated 2 years ago
• wfinn / redirex
  tool that generates bypasses for open redirects
  ☆48Updated 2 years ago
• honoki / burp-digitalocean-openvpn-socks
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆47Updated 8 months ago
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆50Updated 2 years ago
• cygenta / CVE-2020-3452
  ☆26Updated 2 years ago
• nollium / CVE-2024-50340-eos-exploit
  Exploit for Symfony CVE-2024-50340 (forked eos)
  ☆25Updated last week
• DingyShark / nuclei-scan-sort
  Simple Python script to sort nuclei scans by severity and URL
  ☆29Updated last year
• EasyRecon / wappaGo
  ☆52Updated 6 months ago
• haqqibrahim / Sling-Shot-R3con
  🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯
  ☆24Updated last year
• edermi / gophish_mods
  Open-Source Phishing Toolkit
  ☆17Updated 3 years ago
• carlospolop / Pastos
  ☆47Updated 2 years ago
• ambalabanov / cswsh-scanner
  Scanner for Cross-Site WebSocket Hijacking
  ☆42Updated 4 years ago
• BishopFox / ysoserial-bf
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆25Updated 9 months ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆68Updated 10 months ago
• dmcxblue / Red-Team-Notes
  Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …
  ☆36Updated 2 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆39Updated 2 years ago
• harisec / orange-confusion-attacks
  ☆19Updated 2 months ago