oppsec / tomcter
πΉ Bruteforce Apache Tomcat manager login with default credentials
β101Updated last year
Alternatives and similar repositories for tomcter:
Users that are interested in tomcter are comparing it to the libraries listed below
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectorsβ85Updated last year
- CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POCβ117Updated last year
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the intβ¦β114Updated 3 months ago
- Unofficial Acunetix CLI tool for automated pentesting and bug hunting across large scopes.β80Updated last year
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)β75Updated 9 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.β75Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.β253Updated 10 months ago
- CVE Collection of jQuery UI XSS Payloadsβ118Updated 2 years ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HEβ53Updated 5 months ago
- BChecks collection for Burp Suite Professionalβ94Updated 9 months ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.β49Updated 9 months ago
- PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)β87Updated 2 years ago
- β34Updated 2 years ago
- Burp Suite's extension to scan and crawl Single Page Applicationsβ102Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticalsβ¦β65Updated last year
- Exploits targeting vBulletin.β76Updated last year
- GeoServer Remote Code Executionβ78Updated 7 months ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through itβ49Updated last year
- Mine URLs from Browser's Heap Snapshot for fun and profitβ63Updated last year
- Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluenceβ75Updated last year
- β58Updated last year
- External recon toolkitβ45Updated 2 months ago
- phpMyAdmin XSSβ116Updated 4 months ago
- Authentication Bypass in GoAnywhere MFTβ61Updated last year
- CVE-2024-3400-RCEβ86Updated 11 months ago
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.β117Updated 8 months ago
- A command-line utility for performing reverse DNS lookupsβ68Updated last year
- Repository of AI-generated Nuclei templates for public CVEs not yet covered by existing templates, enhancing detection speed and coverageβ¦β72Updated 3 months ago
- Apache Spark Shell Command Injection Vulnerabilityβ88Updated 2 years ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ154Updated 3 months ago