☆129Apr 2, 2018Updated 7 years ago
Alternatives and similar repositories for cors-poc
Users that are interested in cors-poc are comparing it to the libraries listed below
Sorting:
- This is a quick POC for using the Matt Nelson (enigma0x3) technique for generating a malicious .SettingContent-ms extension type for remo…☆54Jun 15, 2018Updated 7 years ago
- This is a hash parser that will export a rc file compatible with Metasploit. This is useful when compromising a separate domain and want …☆23Oct 8, 2014Updated 11 years ago
- PoC code from blog☆16Mar 10, 2020Updated 5 years ago
- ☆16Jul 7, 2020Updated 5 years ago
- WPUpdate is a simple Linux service that automatically checks for a new version of Wordpress each night at 2AM.☆36Feb 7, 2014Updated 12 years ago
- ☆41May 16, 2018Updated 7 years ago
- Get all possible href | src | url from target url or domain☆40Aug 5, 2020Updated 5 years ago
- AtExec SMB remote execution command (using SCHTASKS)☆12May 24, 2021Updated 4 years ago
- ☆19Oct 5, 2020Updated 5 years ago
- Web shells for PHP/ASP/ASP.NET using the least number of characters☆14Sep 27, 2023Updated 2 years ago
- Vulnerability research on the CA UIM Nimbus protocol☆15Sep 28, 2020Updated 5 years ago
- Notes as I learn basic AWS penetration testing☆67May 28, 2019Updated 6 years ago
- OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation☆26Feb 28, 2020Updated 6 years ago
- Data exfiltration using reflective DNS resolution covert channel☆53Jan 10, 2018Updated 8 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆318May 22, 2023Updated 2 years ago
- A code demonstrating CVE-2018-0886☆269Aug 14, 2020Updated 5 years ago
- Rid_enum is a null session RID cycle attack for brute forcing domain controllers.☆308Jul 28, 2024Updated last year
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on …☆250Nov 24, 2015Updated 10 years ago
- Exploits for various CVEs☆213Jul 14, 2020Updated 5 years ago
- When CactusTorch meets WebDavDelivery and obfuscation☆63Sep 19, 2017Updated 8 years ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆364Apr 14, 2022Updated 3 years ago
- The official exploit for Open-AudIT v3.3.1 Remote Code Execution CVE-2020-12078☆18Apr 28, 2020Updated 5 years ago
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- CVE-2017-9791☆27Jul 8, 2017Updated 8 years ago
- Converts the output from Invoke-Kerberoast into hashcat format.☆33Nov 13, 2018Updated 7 years ago
- A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或…☆675Jul 16, 2023Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆649Feb 21, 2024Updated 2 years ago
- AV/EDR evasion via direct system calls.☆33Dec 7, 2020Updated 5 years ago
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆52Jul 14, 2021Updated 4 years ago
- Exploit for PlaySMS 1.4 authenticated RCE☆14Nov 6, 2018Updated 7 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆35Mar 6, 2017Updated 9 years ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆35Nov 10, 2016Updated 9 years ago
- Content hijacking proof-of-concept using Flash, PDF and Silverlight☆384May 16, 2019Updated 6 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- Hackthebox automation scripts and writeups.☆22Jan 27, 2020Updated 6 years ago
- Jboss_JMXInvokerServlet_Deserialization_RCE☆21Sep 3, 2019Updated 6 years ago
- An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.☆22Nov 15, 2018Updated 7 years ago