oppsec / pwnfaces
π Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
β18Updated last year
Alternatives and similar repositories for pwnfaces:
Users that are interested in pwnfaces are comparing it to the libraries listed below
- π WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.β26Updated last year
- Wolfy AV Bypasserβ28Updated 2 years ago
- β46Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scriptsβ31Updated last year
- Just some random small tools for dealing with asp.net Forms Authentication Cookiesβ23Updated 3 years ago
- https://github.com/ManhNho/AWAE-OSWEβ11Updated 4 years ago
- β7Updated last year
- User enumeration and password spraying tool for testing Azure ADβ69Updated 2 years ago
- Pipe nmap verbose output to a usable format for httpx or host:port notation.β16Updated 2 years ago
- γπͺγLinux Backdoor based on ICMP protocolβ59Updated 2 months ago
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticalsβ¦β65Updated last year
- A websocket-based reverse (javascript) shell for XSS attacks.β29Updated 2 years ago
- A better way of querying certificate transparency logsβ82Updated 2 months ago
- Quickly find all identities someone has used on their Github commitsβ15Updated 6 months ago
- β43Updated last year
- Exploit for Symfony CVE-2024-50340 (forked eos)β27Updated 2 months ago
- β47Updated 2 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.β36Updated 2 years ago
- Exploits targeting vBulletin.β76Updated last year
- Check for CVE-2024-22024 vulnerability in Ivanti Connect Secureβ29Updated last year
- Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)β57Updated 2 years ago
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.β37Updated 2 years ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"β26Updated 6 years ago
- Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automatβ¦β39Updated last year
- F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LABβ13Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.β74Updated last year
- Make better use of the embedded browser that comes by default with Burpβ42Updated last year
- A Python based ingestor for BloodHoundβ83Updated 2 years ago
- Tooling for the OffSec Experienced Pentester (OSEP) and OffSec Exploit Developer (OSED) courseβ16Updated 11 months ago
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.β46Updated 6 months ago