synacktiv / astrolock
A purposely vulnerable application in order to demonstrate PHP payload smuggling techniques for PNG files.
☆38Updated 2 years ago
Alternatives and similar repositories for astrolock:
Users that are interested in astrolock are comparing it to the libraries listed below
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646☆27Updated last year
- CVE-2023-4634☆46Updated last year
- Dompdf RCE PoC Exploit - CVE-2022-28368☆17Updated last year
- ElasticSearch exploit and Pentesting guide for penetration tester☆27Updated 2 years ago
- ☆26Updated 2 years ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆66Updated last year
- Exploits targeting vBulletin.☆76Updated 2 years ago
- Automated HTTP Request Repeating With Burp Suite☆37Updated 2 years ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆66Updated 2 years ago
- A Proof-Of-Concept for the CVE-2023-43770 vulnerability.☆33Updated last year
- Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure☆30Updated last year
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆39Updated 2 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆49Updated last year
- PassMute - A multi featured Password Transmutation/Mutator Tool☆51Updated last year
- ☆55Updated 2 years ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆49Updated 11 months ago
- Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)☆56Updated 2 years ago
- CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection☆18Updated last year
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.☆24Updated 2 years ago
- Xss payload for bypassing waf☆16Updated 5 years ago
- Nmap scripts to detect exchange 0-day (CVE-2022-41082) vulnerability☆81Updated 2 years ago
- Proof of Concept Exploit for PaperCut CVE-2023-27350☆51Updated last year
- CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV☆28Updated last year
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆48Updated 2 years ago
- My personal collection of nuclei templates made for fuzzing.☆27Updated 7 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆75Updated last year
- Web cache poisoning vulnerability scanner.☆66Updated 2 years ago
- PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22☆30Updated last year
- ☆39Updated last year