A step by step workshop to exploit various vulnerabilities in Node.js and Java applications
☆156Mar 17, 2024Updated 2 years ago
Alternatives and similar repositories for exploit-workshop
Users that are interested in exploit-workshop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- S2-061 CVE-2020-17530☆29Dec 22, 2020Updated 5 years ago
- OWASP Foundation Web Respository☆36Sep 1, 2021Updated 4 years ago
- Subdomain takeover scanner using Python asyncio☆18Oct 24, 2022Updated 3 years ago
- You can read the writeup on this script here☆272Jul 12, 2020Updated 5 years ago
- ☆22Jul 16, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- all manner of wordlists☆24Jan 19, 2022Updated 4 years ago
- 📚 An ultimate collection wordlists of the best-known CMS☆94Jun 10, 2024Updated last year
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆355Oct 14, 2020Updated 5 years ago
- A small library to alter AWS API requests; Used for fuzzing research☆22Nov 2, 2023Updated 2 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Dec 24, 2020Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- A collection of simple tools and poc-builders☆39Mar 17, 2026Updated 3 weeks ago
- RECON Notes taking from every fucking book about bugbounty and web-app penetration testing exists☆19Feb 29, 2020Updated 6 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆136Apr 28, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplie…☆283Dec 21, 2020Updated 5 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆20Jun 20, 2022Updated 3 years ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 6 years ago
- Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.☆33Nov 8, 2021Updated 4 years ago
- ☆16Jul 7, 2020Updated 5 years ago
- Library Secruity dependency Checker☆12Sep 13, 2019Updated 6 years ago
- ☆27Jul 2, 2020Updated 5 years ago
- Unpack a JavaScript Source Map back into filesystem structure☆186Oct 9, 2020Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Slides from various talks that I've given over the years☆118Aug 14, 2023Updated 2 years ago
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆56Oct 6, 2020Updated 5 years ago
- Burp Extension for easily creating Wordlists☆217Oct 5, 2021Updated 4 years ago
- All known and unknown public POC's for wordpress themes and plugins☆79Jun 23, 2021Updated 4 years ago
- ☆112Oct 23, 2020Updated 5 years ago
- Command line tool for testing CRLF injection on a list of domains.☆163Apr 14, 2024Updated last year
- A Python based scanner to find potential SSRF parameters in a web application.☆70Jul 12, 2021Updated 4 years ago
- Generates target specific word lists for Fuzzing with fuff☆113Sep 2, 2020Updated 5 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆771Aug 21, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A parallel scanner that utilises axiom to spin up servers and parallel scan using masscan.☆16Jul 1, 2020Updated 5 years ago
- Static code analysis tool based on Elasticsearch☆129Jan 23, 2021Updated 5 years ago
- Workshop given at Hack in Paris 2019☆126Jun 8, 2023Updated 2 years ago
- a JS tool that let you take screenshot of many hosts.☆13Updated this week
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- This repository is a suplimentary material for Android Training's done by Anant Shrivastava from 2012-2017☆222Jan 4, 2021Updated 5 years ago
- Exploit for WebSocket Vulnerability in Apache Tomcat☆169Nov 2, 2020Updated 5 years ago