roughiz / lfito_rce
LFI to RCE via phpinfo() assistance or via controlled log file
☆61Updated 2 years ago
Alternatives and similar repositories for lfito_rce:
Users that are interested in lfito_rce are comparing it to the libraries listed below
- ☆39Updated last year
- Tool to enable blind sql injection attacks against websockets using sqlmap☆58Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆75Updated last year
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆70Updated 3 years ago
- ☆48Updated 2 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆57Updated 9 months ago
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆23Updated 3 years ago
- Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1☆56Updated last year
- ☆34Updated last year
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆124Updated 5 years ago
- Utility for creating ZipSlip archives☆70Updated 2 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 years ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆75Updated 9 months ago
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆115Updated last year
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆55Updated 5 years ago
- Exploits targeting vBulletin.☆76Updated last year
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆117Updated last year
- Phar + JPG Polyglot generator and playground (CTF CODE)☆84Updated 6 years ago
- Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability☆80Updated 11 months ago
- CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞☆62Updated last year
- Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473☆106Updated 10 months ago
- ☆25Updated 2 years ago
- WordPress - Authenticated XXE (CVE-2021-29447)☆42Updated 3 years ago
- ☆103Updated 2 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆77Updated 4 months ago
- The following package is the standalone wordlist-only component to flask-unsign.☆37Updated 8 months ago
- CVE-2023-33733 reportlab RCE☆114Updated last year
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 3 years ago
- Web cache poisoning vulnerability scanner.☆64Updated 2 years ago
- ☆36Updated last month