Create tar/zip archives that try to exploit zipslip vulnerability.
☆48Sep 20, 2024Updated last year
Alternatives and similar repositories for zipslipper
Users that are interested in zipslipper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆38Sep 25, 2024Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- An interactive CLI application for interacting with authenticated Jupyter instances.☆55May 7, 2025Updated last year
- Burp Suite extension for testing Passkey systems.☆75Apr 1, 2025Updated last year
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆41Jan 25, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Java archive implant toolkit.☆61Apr 20, 2025Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 5 months ago
- Data about all known supply-chain attacks through history☆66May 28, 2025Updated 11 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆63Jan 25, 2025Updated last year
- ☆11Dec 19, 2024Updated last year
- Mystery of the Missing Samples☆25Apr 25, 2026Updated last week
- Security tool against dependency typosquatting attacks☆56Apr 27, 2026Updated last week
- A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service, versions and C…☆17Mar 29, 2026Updated last month
- ☆192Apr 16, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆49Dec 29, 2023Updated 2 years ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆30Oct 13, 2024Updated last year
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 9 months ago
- ☆40Aug 2, 2024Updated last year
- Used to check Github actions logs for secrets - specifically tj-actions and reviewdog☆23Mar 18, 2025Updated last year
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).☆183Jul 8, 2024Updated last year
- A tool to uncover undocumented APIs from the AWS Console.☆121Mar 16, 2026Updated last month
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Mar 9, 2025Updated last year
- Autonomous AI C2☆32Jul 23, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆163Updated this week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆143Jan 2, 2025Updated last year
- The official website for The Discord Analytics for Risks & Threats Project.☆23Dec 29, 2025Updated 4 months ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆180Jan 9, 2026Updated 3 months ago
- ☆14Sep 1, 2024Updated last year
- ☆18Jul 30, 2024Updated last year
- A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by…☆88May 13, 2024Updated last year
- Validate the isolation posture of your container environment.☆314Feb 11, 2026Updated 2 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆93Dec 15, 2025Updated 4 months ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆89Dec 7, 2025Updated 4 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆124Apr 25, 2026Updated last week
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Apr 27, 2026Updated last week
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Nov 28, 2025Updated 5 months ago
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆42May 7, 2023Updated 2 years ago