vp777 / surferFTPLinks
SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients
☆70Updated 4 years ago
Alternatives and similar repositories for surferFTP
Users that are interested in surferFTP are comparing it to the libraries listed below
Sorting:
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆77Updated 4 years ago
- Writeup of CVE-2020-15906☆48Updated 4 years ago
- RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2☆60Updated 4 years ago
- DO NOT RUN THIS.☆47Updated 3 years ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 5 years ago
- Query various sources for CVE proof-of-concepts☆51Updated 2 years ago
- A python-based padding oracle tool☆20Updated last year
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆41Updated 4 years ago
- an Evil Java RMI Registry.☆52Updated 2 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 4 years ago
- Hacking Artifactory with server side template injection☆51Updated 5 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 3 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆48Updated 4 years ago
- ☆19Updated 4 years ago
- PoC CVE-2020-6308☆36Updated 4 years ago
- Dump exposed HTTP .git fast☆50Updated 2 years ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing☆91Updated 5 years ago
- A Netcat-style backdoor for pentesting and pentest exercises☆51Updated 4 years ago
- A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers☆42Updated 3 years ago
- Default plugins for Jaeles Scanner☆34Updated 4 years ago
- ☆36Updated 7 months ago
- The original slurp source☆33Updated 6 years ago
- Nmap script to check vulnerability CVE-2021-21972☆28Updated 4 years ago
- Some of my public exploits☆51Updated 4 years ago
- ☆104Updated 5 years ago
- Parallelized enumeration tool for red team engagements and bug bounty programs.☆18Updated 4 years ago
- ☆51Updated 3 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Updated 4 years ago
- Compiles a list of major CDN and WAF subnets.☆66Updated this week