miscellaneous security research stuff
☆37Jul 16, 2019Updated 6 years ago
Alternatives and similar repositories for research
Users that are interested in research are comparing it to the libraries listed below
Sorting:
- ☆13Oct 3, 2023Updated 2 years ago
- rlyCTF (relay CTF) challenge to emulate real-world SSRF attacks.☆10Apr 13, 2019Updated 6 years ago
- (Wordpress) Ninja Forms File Uploads Extension <= 3.0.22 – Unauthenticated Arbitrary File Upload☆17May 17, 2019Updated 6 years ago
- ajpclient is a small command line tool that aims to be to AJP what curl is to HTTP.☆12Jul 18, 2017Updated 8 years ago
- Python script to exploit java unserialize on t3 (Weblogic)☆61Aug 9, 2017Updated 8 years ago
- "HeaderScan" Burp Plugin☆16Apr 26, 2014Updated 11 years ago
- 优质安全 list☆12Nov 22, 2017Updated 8 years ago
- CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE☆106Jul 18, 2019Updated 6 years ago
- Interactive Post Exploitation Tool☆37Oct 1, 2019Updated 6 years ago
- Security test tool for Blind XSS☆26Mar 5, 2020Updated 6 years ago
- CVE-2018-16341 - Nuxeo Remote Code Execution without authentication using Server Side Template Injection☆24Jun 5, 2019Updated 6 years ago
- A command-line fuzzer for the Apache JServ Protocol (ajp13)☆96Nov 15, 2022Updated 3 years ago
- Directory transversal to remote code execution☆70Oct 15, 2019Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- ☆25May 30, 2017Updated 8 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- A Burp extension to show the Collaborator client in a tab☆36Dec 23, 2022Updated 3 years ago
- RDP EXPLOİT☆13Oct 28, 2019Updated 6 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- exploit Apache Flink Web Dashboard unauth rce on right way by python2 scripts☆90Nov 13, 2019Updated 6 years ago
- Zoho ManageEngine Desktop Central CVEs☆15Oct 5, 2020Updated 5 years ago
- SECD machine and Lispkit Lisp compiler, in Python☆10Oct 25, 2017Updated 8 years ago
- just a python script for cve-2017-12615☆11Oct 1, 2017Updated 8 years ago
- Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.☆206Feb 15, 2024Updated 2 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆20Jun 20, 2022Updated 3 years ago
- Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE☆176Dec 15, 2022Updated 3 years ago
- Apache Solr远程代码执行漏洞(CVE-2019-0193) Exploit☆66Jul 8, 2020Updated 5 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- ☆35Nov 3, 2019Updated 6 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆185May 27, 2020Updated 5 years ago
- This repo contains code of JScript .NET which can be used as alternative to csc.exe to run potentially malicious code, which ships in all…☆13Nov 8, 2019Updated 6 years ago
- PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM☆52Mar 14, 2018Updated 8 years ago
- dump foxmail password 提取foxmail中存储的邮箱密码☆22Jan 26, 2018Updated 8 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆23May 21, 2019Updated 6 years ago
- Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)☆364Jan 11, 2020Updated 6 years ago
- ☆148Feb 17, 2022Updated 4 years ago
- Spring Boot Actuator (jolokia) XXE/RCE☆324Jun 16, 2020Updated 5 years ago
- Some debug notes and exploit(not blind)☆39Jul 28, 2019Updated 6 years ago