kugg / tclscan
Scans tcl for command injection
☆36Updated 5 years ago
Related projects: ⓘ
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆47Updated 5 years ago
- OWASP Skanda - SSRF Exploitation Framework☆36Updated 11 years ago
- A Burp extension to show the Collaborator client in a tab☆36Updated last year
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆24Updated 5 years ago
- ☆31Updated 5 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆35Updated last year
- ☆41Updated 4 years ago
- Kubernetes Scanner☆41Updated 2 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 5 years ago
- ☆35Updated 4 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆45Updated 5 years ago
- Some of my public exploits☆50Updated 4 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Updated 5 years ago
- Another plugin for CRLF vulnerability detection☆26Updated 7 years ago
- A collection of scripts used to interact with the Burp Rest API☆51Updated 5 years ago
- ☆34Updated this week
- notorious BIG IP☆15Updated 5 years ago
- CVE-2020-12828 PoC and Analysis.☆28Updated 4 years ago
- Burp extension to passively scan for applications revealing software version numbers☆30Updated 3 months ago
- Burp extension☆57Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆38Updated 3 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Updated 10 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆22Updated 7 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Updated 5 years ago
- Try to detect HTTP desync attack (https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn)☆12Updated 5 years ago
- ☆34Updated 5 years ago
- miscellaneous security research stuff☆38Updated 5 years ago
- Burp Suite extension for JAX-RS☆65Updated 7 years ago
- CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE☆32Updated 5 years ago