mattiasgeniar / php-exploit-scripts
A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
☆831Updated 6 months ago
Related projects: ⓘ
- A collection of PHP backdoors. For educational or testing purposes only.☆2,200Updated 6 months ago
- Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!☆1,872Updated 3 years ago
- Advanced Web Shell☆571Updated 7 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,016Updated 4 years ago
- Detect potentially malicious PHP files☆1,466Updated 11 months ago
- PHP Secure Configuration Checker☆813Updated 5 months ago
- Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells…☆813Updated 8 years ago
- PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container☆403Updated last year
- Clone of svn repository of http://insecurety.net/projects/web-malware/ project☆455Updated 7 years ago
- Plecost - Wordpress finger printer Tool☆338Updated last year
- Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield☆445Updated 2 years ago
- Nano is a family of PHP web shells which are code golfed for stealth.☆431Updated 4 years ago
- Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor☆2,191Updated 4 months ago
- Wordpress Attack Suite☆924Updated 3 years ago
- PHP-based anti-virus anti-trojan anti-malware solution.☆418Updated 2 months ago
- RIPS - A static source code analyser for vulnerabilities in PHP scripts☆310Updated 2 years ago
- CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues☆949Updated 3 years ago
- A black box, Ruby powered, Joomla vulnerability scanner☆271Updated 6 years ago
- PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based …☆791Updated 9 years ago
- Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)☆575Updated 3 years ago
- Shell Detector – is a application that helps you find and identify php/cgi(perl)/asp/aspx shells. Shell Detector has a “web shells” signa…☆401Updated 4 years ago
- A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.☆1,252Updated 8 months ago
- XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.☆1,686Updated 4 years ago
- PHP Security Check List [ EN ] 🌋 ☣️☆295Updated 4 years ago
- Various webshells. We accept pull requests for additions to this collection.☆878Updated 11 months ago
- Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes wit…☆1,147Updated 6 years ago
- SQL Injection Exploitation Tool☆713Updated 5 years ago
- ☆760Updated this week
- Chromebackdoor is a PoC of pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malic…☆505Updated 7 years ago