oppsec / tomcter

Related projects: ⓘ

• ErikWynter / CVE-2023-22515-Scan
  Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence
  ☆73Updated 11 months ago
• vchan-in / CVE-2023-35078-Exploit-POC
  CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC
  ☆117Updated last year
• Hackmanit / template-injection-table
  The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.
  ☆56Updated 6 months ago
• Moopinger / CLZero
  A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
  ☆84Updated 7 months ago
• cve-sandbox / jquery-ui
  CVE Collection of jQuery UI XSS Payloads
  ☆110Updated last year
• devanshbatham / revit
  A command-line utility for performing reverse DNS lookups
  ☆57Updated last year
• danialhalo / AcuAutomate
  Unofficial Acunetix CLI tool for automated pentesting and bug hunting across large scopes.
  ☆70Updated 10 months ago
• carlosevieira / CVE-2022-40684
  PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
  ☆87Updated last year
• cosad3s / hfinder
  Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE
  ☆52Updated 7 months ago
• nowak0x01 / WPXStrike
  WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…
  ☆58Updated 8 months ago
• OsmanKandemir / web-wordlist-generator
  WEB-Wordlist-Generator creates related wordlists after scanning your web applications.
  ☆41Updated 3 months ago
• Chocapikk / CVE-2024-36401
  GeoServer Remote Code Execution
  ☆69Updated last month
• h4x0r-dz / CVE-2024-21893.py
  CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure
  ☆91Updated 7 months ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆68Updated 8 months ago
• miko550 / CVE-2023-32315
  Openfire Console Authentication Bypass Vulnerability with RCE plugin
  ☆41Updated 6 months ago
• dipakpanchal05 / CVE-2022-23808
  phpMyAdmin XSS
  ☆113Updated 2 years ago
• sinsinology / CVE-2024-4358
  Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)
  ☆71Updated 3 months ago
• horizon3ai / CVE-2024-0204
  Authentication Bypass in GoAnywhere MFT
  ☆63Updated 7 months ago
• 0x4xel / Bat-Potato
  Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.
  ☆34Updated last year
• GgBoom-993 / xorshell
  Encoder PHP webshell to bypass WAF using XOR operations.
  ☆52Updated last year
• d0ge / sign-saboteur
  SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
  ☆134Updated 3 months ago
• Proviesec / PSFuzz
  Proviesec Fuzz Scanner - dir/path web scanner
  ☆98Updated 2 weeks ago
• devanshbatham / rayder-workflows
  Repo for hosting rayder workflows
  ☆55Updated last year
• doyensec / Prototype-Pollution-Gadgets-Finder
  ☆74Updated 4 months ago
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆82Updated 3 months ago
• blacklanternsecurity / baddns
  Check subdomains for subdomain takeovers and other DNS tomfoolery
  ☆96Updated this week
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆116Updated last year
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆242Updated 4 months ago
• e1abrador / Burp-Encode-IP
  Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
  ☆41Updated 6 months ago
• emrekybs / nim-shell
  Reverse shell that can bypass windows defender detection
  ☆151Updated 7 months ago