pentagridsec / archive_pwn
A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes
☆43Updated last year
Alternatives and similar repositories for archive_pwn:
Users that are interested in archive_pwn are comparing it to the libraries listed below
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 6 months ago
- Additional active scan checks for BURP☆26Updated 5 months ago
- ☆60Updated 3 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆29Updated 2 months ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆29Updated 6 months ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated 3 weeks ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆41Updated 11 months ago
- An Evil OIDC Server☆53Updated 2 years ago
- ☆27Updated last year
- self-hosted Azure OSINT tool☆29Updated 6 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆22Updated 3 weeks ago
- ☆17Updated 2 years ago
- Finding sensitive information in the trimmed parts of cropped images☆29Updated 3 years ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆22Updated 5 months ago
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆39Updated 2 years ago
- FireProx written in Go☆19Updated 11 months ago
- an Evil Java RMI Registry.☆49Updated 2 years ago
- ☆58Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆56Updated last year
- A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.☆39Updated 2 years ago
- ☆24Updated last year
- ☆16Updated 3 months ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated last year
- This library provides functionality for fetching and parsing information about Common Vulnerabilities and Exposures (CVE) using the NIST …☆14Updated last year
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Updated 3 years ago
- List of fresh and validated DNS resolvers updated every 12h.☆22Updated this week
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆60Updated 4 months ago
- ☆27Updated 2 years ago
- ☆26Updated last week
- Melee: Tool to Detect Infections in MySQL Instances☆22Updated last year