kh4sh3i / ElasticSearch-Pentesting
ElasticSearch exploit and Pentesting guide for penetration tester
☆22Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for ElasticSearch-Pentesting
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆35Updated last year
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆22Updated 3 years ago
- Make better use of the embedded browser that comes by default with Burp☆38Updated 10 months ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 2 years ago
- Bcheck scripts for Burp☆23Updated 3 months ago
- ☆27Updated last year
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆55Updated last year
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆38Updated 2 years ago
- Enumerate AWS cloud resources based on provided credential☆50Updated 2 years ago
- User enumeration and password spraying tool for testing Azure AD☆68Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- ☆24Updated 2 years ago
- ☆23Updated last year
- A "Spring4Shell" vulnerability scanner.☆50Updated 2 years ago
- tool that generates bypasses for open redirects☆48Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆47Updated 8 months ago
- NotSoCereal: A Deserialization exploit playground☆50Updated 2 years ago
- ☆26Updated 2 years ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆25Updated last week
- Simple Python script to sort nuclei scans by severity and URL☆29Updated last year
- ☆52Updated 6 months ago
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆24Updated last year
- Open-Source Phishing Toolkit☆17Updated 3 years ago
- ☆47Updated 2 years ago
- Scanner for Cross-Site WebSocket Hijacking☆42Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆25Updated 9 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆68Updated 10 months ago
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆36Updated 2 years ago
- Dependency Confusion Security Testing Tool☆39Updated 2 years ago
- ☆19Updated 2 months ago