A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.
☆326Jun 2, 2024Updated last year
Alternatives and similar repositories for php_filter_chains_oracle_exploit
Users that are interested in php_filter_chains_oracle_exploit are comparing it to the libraries listed below
Sorting:
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆236Oct 8, 2024Updated last year
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆505Sep 30, 2024Updated last year
- ☆993Jan 23, 2023Updated 3 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆111Jun 23, 2025Updated 8 months ago
- ☆349Jan 24, 2023Updated 3 years ago
- 专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF☆1,225Updated this week
- exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF☆263Aug 14, 2024Updated last year
- some fun php exploits☆81Nov 12, 2024Updated last year
- ☆95Sep 2, 2024Updated last year
- Pickle decompiler plugin for Radare2☆18Aug 6, 2023Updated 2 years ago
- CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段☆276Dec 13, 2024Updated last year
- Automatically converts Python source code to Pickle opcode☆160Jan 2, 2025Updated last year
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,753Sep 29, 2025Updated 5 months ago
- 一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.☆2,151Aug 21, 2025Updated 6 months ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,302Apr 18, 2023Updated 2 years ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆647Feb 15, 2025Updated last year
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- A Online PHP FilterChain Generator.☆17Aug 3, 2024Updated last year
- ctf awd比赛快速hook java题,提供一键流量转发,无痛修复☆56Mar 17, 2025Updated 11 months ago
- Java Vulnerability Exploitation Platform☆1,985Jan 6, 2026Updated last month
- A helpful Java Deserialization exploit framework.☆1,240Feb 17, 2025Updated last year
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,360Nov 18, 2021Updated 4 years ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆754Dec 2, 2022Updated 3 years ago
- ☆2,198Nov 24, 2023Updated 2 years ago
- dotnet 反序列化学习笔记☆513Oct 19, 2023Updated 2 years ago
- 自动化的 Python 沙箱逃逸 payload bypass 框架 / Automated Python Sandbox Escape Payload Bypass Framework☆99Dec 24, 2024Updated last year
- A CAT called tabby ( Code Analysis Tool )☆1,637Jan 17, 2026Updated last month
- 通过jar包快速生成patch模版☆52Jul 29, 2023Updated 2 years ago
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆235Sep 26, 2023Updated 2 years ago
- Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack☆36Aug 27, 2025Updated 6 months ago
- Jar Analyzer - 一个 JAR 包 GUI 分析工具,方法调用关系搜索,方法调用链 DFS 算法分析,模拟 JVM 的污点分析验证 DFS 结果,字符串搜索,Java Web 组件入口分析,CFG 程序分析,JVM 栈帧分析,自定义表达式搜索,紧跟 AI 技术发…☆1,931Feb 22, 2026Updated last week
- PWNable pyjail☆13Jan 13, 2025Updated last year
- PoC for CVE-2023-4911☆389Oct 4, 2023Updated 2 years ago
- Flask Session Cookie Decoder/Encoder☆762Feb 8, 2025Updated last year
- PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.☆81Aug 14, 2022Updated 3 years ago
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,339Feb 8, 2026Updated 3 weeks ago
- A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…☆569Feb 4, 2026Updated 3 weeks ago
- Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.☆625Dec 3, 2024Updated last year