oppsec / tomcter
πΉ Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.
β101Updated 8 months ago
Related projects β
Alternatives and complementary repositories for tomcter
- CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POCβ117Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectorsβ85Updated 9 months ago
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.β65Updated 8 months ago
- CVE Collection of jQuery UI XSS Payloadsβ115Updated last year
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the intβ¦β106Updated last week
- A command-line utility for performing reverse DNS lookupsβ59Updated last year
- Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluenceβ75Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticalsβ¦β60Updated 10 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HEβ52Updated 3 weeks ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.β68Updated 10 months ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.β42Updated 8 months ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.β43Updated 5 months ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!β94Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.β248Updated 6 months ago
- Apache Spark Shell Command Injection Vulnerabilityβ87Updated 2 years ago
- PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)β87Updated 2 years ago
- Text4Shell scanner for Burp Suiteβ191Updated 2 years ago
- A better way of querying certificate transparency logsβ75Updated last year
- Encoder PHP webshell to bypass WAF using XOR operations.β51Updated last year
- GeoServer Remote Code Executionβ74Updated 3 months ago
- A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845β60Updated 3 weeks ago
- Unofficial Acunetix CLI tool for automated pentesting and bug hunting across large scopes.β71Updated last year
- A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.β112Updated this week
- BChecks collection for Burp Suite Professionalβ83Updated 5 months ago
- Authentication Bypass in GoAnywhere MFTβ64Updated 9 months ago
- β69Updated 6 months ago
- Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it β¦β60Updated 2 years ago
- β31Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to β¦β48Updated 2 years ago
- β80Updated 6 months ago