shamo0 / CVE-2023-38646-PoC
Metabase Pre-auth RCE
☆12Updated last year
Alternatives and similar repositories for CVE-2023-38646-PoC:
Users that are interested in CVE-2023-38646-PoC are comparing it to the libraries listed below
- CVE-2023-4634☆45Updated last year
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆31Updated last year
- A Proof-Of-Concept for the CVE-2023-43770 vulnerability.☆33Updated last year
- JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆26Updated last year
- Automated HTTP Request Repeating With Burp Suite☆35Updated last year
- ☆43Updated last year
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆39Updated last year
- Highly configurable script for dictionary/spray attacks against online web applications.☆53Updated 2 years ago
- Template Nuclei SSTI☆29Updated last year
- My personal collection of nuclei templates made for fuzzing.☆27Updated 5 months ago
- ☆52Updated 2 years ago
- ☆37Updated 2 years ago
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆47Updated 2 years ago
- Burp Suite Extension for inserting a magic byte into responder's request☆22Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆48Updated last year
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆32Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆74Updated last year
- Tools used for Pentesting☆22Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆65Updated last year
- Azure Service Subdomain Enumeration☆54Updated 5 months ago
- ☆72Updated 9 months ago
- ☆18Updated 10 months ago
- A purposely vulnerable application in order to demonstrate PHP payload smuggling techniques for PNG files.☆37Updated 2 years ago
- CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…☆22Updated last year
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆48Updated 9 months ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 3 years ago
- Web cache poisoning vulnerability scanner.☆64Updated 2 years ago
- ☆27Updated last year
- Repo for all my exploits/PoCs☆45Updated last week
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆44Updated 11 months ago