kira2040k / php_code_analysis

Related projects ⓘ

Alternatives and complementary repositories for php_code_analysis

• RedSection / pFuzz
  pFuzz helps us to bypass web application firewall by using different methods at the same time.
  ☆157Updated 3 years ago
• HightechSec / scarce-apache2
  A framework for bug hunting or pentesting targeting websites that have CVE-2021-41773 Vulnerability in public
  ☆62Updated 3 years ago
• Mad-robot / wordpress-exploits
  All known and unknown public POC's for wordpress themes and plugins
  ☆78Updated 3 years ago
• luisfontes19 / CSRFER
  Tool to generate csrf payloads based on vulnerable requests
  ☆62Updated 4 years ago
• gnothiseautonlw / burp-shell-fwd-lfi
  A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
  ☆77Updated 4 years ago
• emadshanab / VOIP-Pentesting-checklist-Cheatsheet-Tools
  ☆51Updated 3 years ago
• xadhrit / xira
  xss vulnerability scanner and input fuzzing tool.
  ☆61Updated last year
• emadshanab / Nmap-NSE-scripts-collection
  ☆162Updated 2 years ago
• si9int / Subra
  A Web-UI for subdomain enumeration (subfinder)
  ☆53Updated 4 years ago
• pikpikcu / nuubi
  Nuubi Tools (Information-ghatering|Scanner|Recon.)
  ☆86Updated 4 years ago
• ethicalhackingplayground / gocrawler
  ☆33Updated 2 years ago
• moeinfatehi / Admin-Panel_Finder
  A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
  ☆118Updated 2 years ago
• incogbyte / quickpress
  Small tool to automate SSRF wordpress and XMLRPC finder
  ☆80Updated last year
• cspshivam / easyrecon
  Tool to automate recon
  ☆41Updated 2 years ago
• praetorian-inc / proxylogon-exploit
  Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.
  ☆45Updated 3 years ago
• mansoorr123 / wp-file-manager-CVE-2020-25213
  https://medium.com/@mansoorr/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8
  ☆57Updated 4 years ago
• z3dc0ps / 0x0p1n3r
  0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover
  ☆56Updated 3 years ago
• Sunlight-Rim / SQLbit
  Just another script for automatize boolean-based blind SQL injections. (Demo)
  ☆53Updated 2 years ago
• hussein98d / LFI-files
  Wordlist to bruteforce for LFI
  ☆118Updated 5 years ago
• 0xspade / Combined-Wordlists
  A combined wordlists for files and directory discovery
  ☆116Updated 3 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• w4fz5uck5 / Pentest-notes
  Pentest stuff
  ☆49Updated 11 months ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆48Updated 2 years ago
• emadshanab / LFI-Payload-List
  LFI Payloads List coolected from github repos
  ☆71Updated 4 years ago
• yavolo / Web-CTF-Cheatsheet
  Web CTF CheatSheet 🐈
  ☆33Updated 5 years ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆69Updated last year
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆59Updated last year
• roottusk / xforwardy
  Host Header Injection Scanner
  ☆44Updated 4 years ago