pentagridsec / archive_pwnView external linksLinks
A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes
☆43Nov 28, 2025Updated 2 months ago
Alternatives and similar repositories for archive_pwn
Users that are interested in archive_pwn are comparing it to the libraries listed below
Sorting:
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Oct 12, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆31Dec 26, 2023Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆23Dec 11, 2023Updated 2 years ago
- Java archive implant toolkit.☆61Apr 20, 2025Updated 9 months ago
- Secrets scanner that understands code☆193Nov 2, 2023Updated 2 years ago
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆29Apr 3, 2025Updated 10 months ago
- ☆44Jul 21, 2025Updated 6 months ago
- Linux CS bypass technique☆32Feb 4, 2025Updated last year
- ☆57Jan 28, 2024Updated 2 years ago
- ☆94Dec 15, 2025Updated last month
- gRPC / gRPC-Web Pentest Practicing Lab☆10Aug 29, 2023Updated 2 years ago
- ☆30Jul 28, 2024Updated last year
- Dump Kerberos tickets from the KCM database of SSSD☆55Dec 31, 2025Updated last month
- Tool for analyzing SAP Secure Network Communications (SNC).☆57Apr 16, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 2 months ago
- self-hosted Azure OSINT tool☆32Jun 24, 2025Updated 7 months ago
- ☆30Jan 12, 2023Updated 3 years ago
- Security tool against dependency typosquatting attacks☆54Updated this week
- ☆13Jun 25, 2016Updated 9 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- ☆16Jul 17, 2024Updated last year
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 3 years ago
- JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆29Dec 19, 2023Updated 2 years ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts☆127Dec 23, 2025Updated last month
- Powershell SMBv3 Compression checker☆28Apr 1, 2023Updated 2 years ago
- A GraphQL enumeration and extraction tool☆134Jan 29, 2023Updated 3 years ago
- Tool for reconnaissance of AWS cloud environments☆16Oct 9, 2023Updated 2 years ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆61Jan 25, 2025Updated last year
- exploit dev. stuff☆20Aug 7, 2012Updated 13 years ago
- APK Infrastructure Investigator☆64Jun 20, 2023Updated 2 years ago
- Modular web-application honeypot platform built using go and gin☆63May 8, 2024Updated last year
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- GKE CIS 1.1.0 Benchmark InSpec Profile☆25Sep 7, 2021Updated 4 years ago
- FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise.☆17Aug 30, 2024Updated last year
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago
- Deterministic record and replay and tracing of syzkaller bug reproducers☆20Apr 25, 2025Updated 9 months ago
- Useful Windows and AD tools☆15Feb 20, 2022Updated 3 years ago