sdcampbell / phpLFILinks
Tests for LFI in PHP apps and automates the process of leveraging LFI's to recursively download source code and discover new files via includes to download additional source code files.
☆13Updated 3 years ago
Alternatives and similar repositories for phpLFI
Users that are interested in phpLFI are comparing it to the libraries listed below
Sorting:
- Modified version of PEAS client for offensive operations☆43Updated 2 years ago
- Right-To-Left Override POC☆36Updated 3 years ago
- Convert ldapdomaindump to Bloodhound☆80Updated 2 years ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 3 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 3 years ago
- Perform Windows domain enumeration via LDAP☆37Updated 3 years ago
- Execute Mimikatz with different technique☆51Updated 4 years ago
- A script used to query the dehashed API and filter for more useful results☆17Updated 4 years ago
- Finding SSL Blindspots for Red Teams☆34Updated 5 years ago
- Checks for signature requirements over LDAP☆98Updated 3 years ago
- Open-Source Phishing Toolkit☆19Updated 4 years ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated 2 years ago
- Notes about the YouTube playlist: Red Team Operations with Cobalt Strike (2019)☆20Updated 4 years ago
- User enumeration and password spraying tool for testing Azure AD☆70Updated 3 years ago
- Bypass Constrained Language Mode in PowerShell☆30Updated 6 years ago
- Kudzu is a Go C2 platform with an emphasis on extensibility.☆11Updated 4 years ago
- A little implant which SSH's back with a shell☆38Updated 3 years ago
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.☆57Updated last year
- FireProx written in Go☆21Updated last year
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆38Updated 2 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 4 years ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 3 years ago
- Writeup of CVE-2020-15906☆49Updated 5 years ago
- Multi-thread AzureAD Autologon SSO Password Sprayer.☆37Updated 4 years ago
- Port forwarding via MSRPC (445/tcp) [WIP]☆33Updated 4 years ago
- Tool for pivoting over SMB pipes☆18Updated 6 years ago
- c# reverse shell poc☆26Updated 7 years ago
- ☆23Updated 3 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 3 years ago
- ☆53Updated 2 years ago