A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes
☆43Nov 28, 2025Updated 3 months ago
Alternatives and similar repositories for archive_pwn
Users that are interested in archive_pwn are comparing it to the libraries listed below
Sorting:
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Oct 12, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…�☆31Dec 26, 2023Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆23Dec 11, 2023Updated 2 years ago
- Java archive implant toolkit.☆61Apr 20, 2025Updated 10 months ago
- Secrets scanner that understands code☆192Nov 2, 2023Updated 2 years ago
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆29Apr 3, 2025Updated 11 months ago
- ☆44Updated this week
- Linux CS bypass technique☆32Feb 4, 2025Updated last year
- ☆57Jan 28, 2024Updated 2 years ago
- ☆93Dec 15, 2025Updated 2 months ago
- gRPC / gRPC-Web Pentest Practicing Lab☆10Aug 29, 2023Updated 2 years ago
- ☆30Jul 28, 2024Updated last year
- Dump Kerberos tickets from the KCM database of SSSD☆56Dec 31, 2025Updated 2 months ago
- Tool for analyzing SAP Secure Network Communications (SNC).☆59Apr 16, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 3 months ago
- ☆30Jan 12, 2023Updated 3 years ago
- PSSH provides parallel versions of OpenSSH and related tools.☆17Nov 26, 2022Updated 3 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- ☆16Jul 17, 2024Updated last year
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 3 years ago
- ☆13Jun 25, 2016Updated 9 years ago
- self-hosted Azure OSINT tool☆33Jun 24, 2025Updated 8 months ago
- JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆29Dec 19, 2023Updated 2 years ago
- Powershell SMBv3 Compression checker☆28Apr 1, 2023Updated 2 years ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts☆128Dec 23, 2025Updated 2 months ago
- A GraphQL enumeration and extraction tool☆133Jan 29, 2023Updated 3 years ago
- Tool for reconnaissance of AWS cloud environments☆16Oct 9, 2023Updated 2 years ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆62Jan 25, 2025Updated last year
- APK Infrastructure Investigator☆64Jun 20, 2023Updated 2 years ago
- Modular web-application honeypot platform built using go and gin☆63May 8, 2024Updated last year
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- GKE CIS 1.1.0 Benchmark InSpec Profile☆25Sep 7, 2021Updated 4 years ago
- FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise.☆17Aug 30, 2024Updated last year
- IDA Pro плагин для отображения результата Coresight ETM трассировки perf'а☆17Sep 4, 2018Updated 7 years ago
- ☆14Jun 7, 2017Updated 8 years ago
- Tool based on @gaasedelen's lighthouse frida tool modified for capturing coverage of Android executables.☆21Sep 16, 2023Updated 2 years ago
- Useful Windows and AD tools☆15Feb 20, 2022Updated 4 years ago