synacktiv/php_filter_chains_oracle_exploit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

synacktiv/php_filter_chains_oracle_exploit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/synacktiv/php_filter_chains_oracle_exploit)

Close

synacktiv / php_filter_chains_oracle_exploitView on GitHubMore

• External links
• Readme badge

A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.

☆328Jun 2, 2024Updated last year

Alternatives and similar repositories for php_filter_chains_oracle_exploit

Users that are interested in php_filter_chains_oracle_exploit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ambionics / wrapwrap

  View on GitHub
  Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.
  ☆240Oct 8, 2024Updated last year
• ambionics / cnext-exploits

  View on GitHub
  Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
  ☆505Sep 30, 2024Updated last year
• synacktiv / php_filter_chain_generator

  View on GitHub
  ☆1,028Jan 23, 2023Updated 3 years ago
• ambionics / lightyear

  View on GitHub
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆111Jun 23, 2025Updated 10 months ago
• wupco / PHP_INCLUDE_TO_SHELL_CHAR_DICT

  View on GitHub
  ☆351Jan 24, 2023Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Marven11 / Fenjing

  View on GitHub
  专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF
  ☆1,275Updated this week
• kezibei / php-filter-iconv

  View on GitHub
  ☆97Sep 2, 2024Updated last year
• ProbiusOfficial / bashFuck

  View on GitHub
  exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF
  ☆265Aug 14, 2024Updated last year
• m4p1e / php-exploit

  View on GitHub
  some fun php exploits
  ☆81Nov 12, 2024Updated last year
• ProbiusOfficial / PHP-FilterChain-Exploit

  View on GitHub
  A Online PHP FilterChain Generator.
  ☆18Aug 3, 2024Updated last year
• EddieIvan01 / pker

  View on GitHub
  Automatically converts Python source code to Pickle opcode
  ☆168Jan 2, 2025Updated last year
• doyensec / r2pickledec

  View on GitHub
  Pickle decompiler plugin for Radare2
  ☆18Aug 6, 2023Updated 2 years ago
• datouo / CTF-Java-Gadget

  View on GitHub
  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
  ☆283Dec 13, 2024Updated last year
• ambionics / phpggc

  View on GitHub
  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  ☆3,809Sep 29, 2025Updated 7 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• yulate / CtfAgent

  View on GitHub
  ctf awd比赛快速hook java题，提供一键流量转发，无痛修复
  ☆62Mar 17, 2025Updated last year
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,191Aug 21, 2025Updated 9 months ago
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆245May 8, 2024Updated 2 years ago
• phith0n / zkar

  View on GitHub
  ZKar is a Java serialization protocol analysis tool implement in Go.
  ☆651Apr 19, 2026Updated last month
• wh1t3p1g / ysomap

  View on GitHub
  A helpful Java Deserialization exploit framework.
  ☆1,242Feb 17, 2025Updated last year
• vulhub / java-chains

  View on GitHub
  Java Vulnerability Exploitation Platform
  ☆2,056Apr 29, 2026Updated 3 weeks ago
• tarunkant / Gopherus

  View on GitHub
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆3,359Apr 18, 2023Updated 3 years ago
• Macr0phag3 / parselmouth

  View on GitHub
  自动化的 Python 沙箱逃逸 payload bypass 框架 / Automated Python Sandbox(pyjail) Escape Payload Bypass Framework
  ☆98Apr 5, 2026Updated last month
• fnmsd / MySQL_Fake_Server

  View on GitHub
  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
  ☆1,368Nov 18, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• X1r0z / hacking-espresso

  View on GitHub
  Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack
  ☆36Aug 27, 2025Updated 8 months ago
• rmb122 / rogue_mysql_server

  View on GitHub
  A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.
  ☆766Dec 2, 2022Updated 3 years ago
• jar-analyzer / jar-analyzer

  View on GitHub
  Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，紧跟 AI 技术发…
  ☆2,079May 10, 2026Updated last week
• c0ny1 / ascii-jar

  View on GitHub
  构造字节在ASCII范围内的jar
  ☆142Feb 14, 2022Updated 4 years ago
• X1r0z / JNDIMap

  View on GitHub
  A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…
  ☆582May 4, 2026Updated 2 weeks ago
• noraj / flask-session-cookie-manager

  View on GitHub
  Flask Session Cookie Decoder/Encoder
  ☆773Feb 8, 2025Updated last year
• ReaJason / MemShellParty

  View on GitHub
  一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率
  ☆1,465Apr 26, 2026Updated 3 weeks ago
• BeichenDream / GodPotato

  View on GitHub
  ☆2,272Nov 24, 2023Updated 2 years ago
• Jlan45 / AWDJavaWebPatch

  View on GitHub
  通过jar包快速生成patch模版
  ☆52Jul 29, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• flowerwind / AutoGenerateXalanPayload

  View on GitHub
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆94Jan 17, 2023Updated 3 years ago
• Y4er / dotnet-deserialization

  View on GitHub
  dotnet 反序列化学习笔记
  ☆518Oct 19, 2023Updated 2 years ago
• synacktiv / QLinspector

  View on GitHub
  Finding Java gadget chains with CodeQL
  ☆188Apr 18, 2026Updated last month
• synacktiv / laravel-crypto-killer

  View on GitHub
  A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.
  ☆142Dec 23, 2025Updated 4 months ago
• tabby-sec / tabby

  View on GitHub
  A CAT called tabby ( Code Analysis Tool )
  ☆1,650Jan 17, 2026Updated 4 months ago
• DasSecurity-HatLab / AoiAWD

  View on GitHub
  AoiAWD-专为比赛设计，便携性好，低权限运行的EDR系统。
  ☆1,092Aug 5, 2024Updated last year
• JackOfMostTrades / gadgetinspector

  View on GitHub
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,083Jun 15, 2021Updated 4 years ago