umarfarook882 / Tornado_Demo_Vuln_AppLinks
Tornado Demo Vulnerable Application to test SQL injection vulnerability and patch it using RASP (Runtime Application Self-Protection)
☆11Updated 7 years ago
Alternatives and similar repositories for Tornado_Demo_Vuln_App
Users that are interested in Tornado_Demo_Vuln_App are comparing it to the libraries listed below
Sorting:
- CVE-2017-10271 WEBLOGIC RCE (TESTED)☆39Updated 7 years ago
- Advance URL Fuzzing + Whois Domain running on python☆17Updated 2 years ago
- DoS PoC's for SAP products☆52Updated 7 years ago
- Industrial Security Checklist☆10Updated 8 years ago
- This tool was written as PoC to article https://waf.ninja/libinjection-fuzz-to-bypass/☆38Updated 7 years ago
- CVE-2019-6467 (BIND nxdomain-redirect)☆26Updated 6 years ago
- Jira Information Gatherer☆28Updated 7 years ago
- Automate SSH communication with firewalls, switches, etc.☆26Updated 7 years ago
- Proof of concept showing how to exploit the CVE-2018-11759☆41Updated 6 years ago
- A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.☆42Updated 6 years ago
- Try to detect HTTP desync attack (https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn)☆12Updated 5 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 7 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43Updated 5 years ago
- Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java☆55Updated 8 years ago
- passive dns collector☆10Updated 8 years ago
- Exploit PoC for Spring RCE issue (CVE-2011-2894)☆43Updated last year
- Simple socket-based gateway to the Burp Collaborator☆33Updated 8 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆54Updated 8 years ago
- check cmd execute☆13Updated 8 years ago
- A collection of published exploits and proof-of-concept code.☆21Updated 7 years ago
- ☆46Updated 9 years ago
- CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE☆32Updated 6 years ago
- Vulners signature-base software version detection rules☆37Updated 3 years ago
- It is a Python+Perl script to exploit ASP.net Padding Oracle vulnerability.☆19Updated 8 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Updated 9 years ago
- A Java serializer in JavaScript☆81Updated 7 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Updated 6 years ago
- Remote Desktop Protocol in Twisted Python☆26Updated 7 years ago
- rename☆19Updated 7 years ago
- OWASP Skanda - SSRF Exploitation Framework☆38Updated 11 years ago