roughiz / lfito_rce

Related projects: ⓘ

• PortSwigger / serialization-examples
  ☆38Updated 9 months ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆66Updated last year
• synacktiv / laravel_cookie_killer
  ☆24Updated last year
• BKreisel / sqlmap-websocket-proxy
  Tool to enable blind sql injection attacks against websockets using sqlmap
  ☆56Updated 10 months ago
• teambi0s / dfunc-bypasser
  This tool is for letting you know how strong your disable_functions is and how you can bypass that.
  ☆110Updated 4 years ago
• rayhan0x01 / nodejs-websocket-sqli
  A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection
  ☆69Updated 3 years ago
• PortSwigger / js-miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆54Updated last year
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆51Updated 3 months ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆60Updated 2 years ago
• PortSwigger / splitting-the-email-atom
  ☆55Updated last month
• Paradoxis / Flask-Unsign-Wordlist
  The following package is the standalone wordlist-only component to flask-unsign.
  ☆36Updated 3 months ago
• PortSwigger / server-side-prototype-pollution
  ☆27Updated last year
• CsEnox / CVE-2021-22911
  Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1
  ☆54Updated last year
• kunte0 / phar-jpg-polyglot
  Phar + JPG Polyglot generator and playground (CTF CODE)
  ☆72Updated 5 years ago
• neex / ghostinthepdf
  ☆159Updated 2 years ago
• wdahlenburg / werkzeug-debug-console-bypass
  Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…
  ☆50Updated last year
• Rhynorater / rebindMultiA
  ☆54Updated last year
• Ophion-Security / sret
  ☆99Updated this week
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆39Updated 2 years ago
• assetnote / jira-mobile-ssrf-exploit
  Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)
  ☆86Updated 2 years ago
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆116Updated last year
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆48Updated 2 years ago
• incogbyte / quickpress
  Small tool to automate SSRF wordpress and XMLRPC finder
  ☆78Updated last year
• Hackmanit / template-injection-table
  The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.
  ☆56Updated 6 months ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆79Updated 3 months ago
• dbrwsky / Nuclei-BurpExtension
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆115Updated last year
• JetP1ane / Affinis
  Recurrent Neural Network SubDomain Discovery Tool
  ☆90Updated last year
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆162Updated 3 years ago
• epi052 / cve-2018-15473
  Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
  ☆98Updated 4 months ago
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆117Updated last year