staaldraad / turner
SOCKS5 and HTTP over TURN/STUN proxy
☆172Updated 8 months ago
Related projects: ⓘ
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆251Updated 2 years ago
- A mini webserver with FTP support for XXE payloads☆326Updated 8 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆420Updated 2 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆209Updated 3 years ago
- DupeKeyInjector☆134Updated 2 years ago
- Exploitation toolkit for RichFaces☆102Updated 10 months ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆171Updated 4 years ago
- Piper Burp Suite Extender plugin☆113Updated 6 months ago
- CVE-2018-13382☆145Updated 5 years ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆106Updated 3 years ago
- HTTP.ninja☆147Updated last year
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆343Updated last year
- Exfiltrate blind remote code execution output over DNS via Burp Collaborator.☆247Updated 2 years ago
- Scan Victim Backup Directories & Backup Files☆178Updated 11 months ago
- Linux privilege escalation via LXD☆129Updated 4 years ago
- Burp with Friends☆99Updated last year
- ☆145Updated 2 years ago
- CVE-2018-13379☆250Updated 5 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Updated 6 years ago
- PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Or…☆95Updated 4 years ago
- SHELLING - a comprehensive OS command injection payload generator☆104Updated 5 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated last year
- POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.☆112Updated last year
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆279Updated 2 months ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆581Updated 3 years ago
- Recurrent Neural Network SubDomain Discovery Tool☆90Updated 2 years ago
- A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system☆197Updated last year
- Burp Suite Extension to monitor new scope☆195Updated 3 years ago
- DNS rebinding toolkit☆250Updated last year
- PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)☆215Updated 3 years ago
- Everything you need about Burp Extension Generation☆151Updated last year