roughiz / lfito_rce
LFI to RCE via phpinfo() assistance or via controlled log file
☆57Updated last year
Related projects: ⓘ
- ☆38Updated 9 months ago
- Utility for creating ZipSlip archives☆66Updated last year
- ☆24Updated last year
- Tool to enable blind sql injection attacks against websockets using sqlmap☆56Updated 10 months ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆110Updated 4 years ago
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆69Updated 3 years ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆54Updated last year
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆51Updated 3 months ago
- Improve automated and semi-automated active scanning in Burp Pro☆60Updated 2 years ago
- ☆55Updated last month
- The following package is the standalone wordlist-only component to flask-unsign.☆36Updated 3 months ago
- ☆27Updated last year
- Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1☆54Updated last year
- Phar + JPG Polyglot generator and playground (CTF CODE)☆72Updated 5 years ago
- ☆159Updated 2 years ago
- Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…☆50Updated last year
- ☆54Updated last year
- ☆99Updated this week
- Dependency Confusion Security Testing Tool☆39Updated 2 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)☆86Updated 2 years ago
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆116Updated last year
- NotSoCereal: A Deserialization exploit playground☆48Updated 2 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆78Updated last year
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆56Updated 6 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆79Updated 3 months ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆115Updated last year
- Recurrent Neural Network SubDomain Discovery Tool☆90Updated last year
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆162Updated 3 years ago
- Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473☆98Updated 4 months ago
- A simple remote scanner for Atlassian Jira☆117Updated last year