tarunkant / Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
☆2,806Updated last year
Related projects: ⓘ
- Automatic SSRF fuzzer and exploitation tool☆2,937Updated 3 months ago
- SSRF (Server Side Request Forgery) testing resources☆2,335Updated last year
- HackBar plugin for Burpsuite☆1,520Updated 3 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,739Updated 4 months ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,508Updated 4 years ago
- Pwn stuff.☆1,754Updated 2 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,192Updated 3 weeks ago
- Next-Generation Linux Kernel Exploit Suggester☆1,836Updated last year
- pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.☆3,619Updated 4 months ago
- Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.☆1,459Updated this week
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,407Updated 4 years ago
- List of Awesome CobaltStrike Resources☆3,971Updated 11 months ago
- Rip web accessible (distributed) version control systems: SVN/GIT/HG...☆1,689Updated 2 months ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆1,866Updated this week
- Neo-reGeorg is a project that seeks to aggressively refactor reGeorg☆2,840Updated last week
- Webshell && Backdoor Collection☆1,790Updated 4 years ago
- weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-201…☆1,982Updated 9 months ago
- A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…☆2,385Updated 2 years ago
- generate CobaltStrike's cross-platform payload☆2,240Updated 9 months ago
- A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.☆1,502Updated last year
- latest version of scanners for IIS short filename (8.3) disclosure vulnerability☆1,411Updated last year
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,661Updated 2 years ago
- linuxprivchecker.py -- a Linux Privilege Escalation Check Script☆1,545Updated 2 years ago
- A modern multiple reverse shell sessions manager written in go☆1,499Updated this week
- Venom - A Multi-hop Proxy for Penetration Testers☆1,985Updated 2 years ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,176Updated last month
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆2,994Updated 3 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,657Updated 4 months ago
- Linux privilege escalation auditing tool☆5,558Updated 7 months ago
- Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability detai…☆2,922Updated last year