Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.
☆65Nov 16, 2022Updated 3 years ago
Alternatives and similar repositories for werkzeug-debug-console-bypass
Users that are interested in werkzeug-debug-console-bypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Exploit codes for rconfig <= 3.9.4☆11Mar 17, 2020Updated 6 years ago
- Webmin 1.910 - Remote Code Execution Using Python Script☆11Feb 6, 2024Updated 2 years ago
- CVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability☆15Apr 16, 2025Updated last year
- LimeSurvey Authenticated RCE☆24Jul 16, 2023Updated 2 years ago
- ☆20Nov 14, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A tool collection of various attacks on TLS based on TLS-Attacker☆24Jun 25, 2025Updated 10 months ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- Yet another Werkzeug Console Pin Exploit Explanation☆23Jul 30, 2021Updated 4 years ago
- A free, open-source, multi-lingual, template-based VDP policy, safe harbor clause, securitytxt, and DNS Security TXT generator.☆16Apr 17, 2026Updated 3 weeks ago
- Sudo 1.6.x <= 1.6.9p21 and 1.7.x <= 1.7.2p4 Local Privilege Escalation and vulnerable container☆11Dec 16, 2017Updated 8 years ago
- ☆13Dec 30, 2024Updated last year
- A python based minimal DNS server to test/verify DNS rebinding attacks☆79May 15, 2023Updated 3 years ago
- A simple reverse and as well a webshell that recognices the OS (Windows/Linux).☆18Nov 11, 2020Updated 5 years ago
- Sample Spring application to Demonstrate the Gateway Actuator☆49Mar 3, 2022Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Compiled dataset of Java deserialization CVEs☆60Aug 31, 2020Updated 5 years ago
- Toy version of the sweet32 attack☆16Nov 24, 2017Updated 8 years ago
- The script checks Jenkins endpoints for CVE-2024-43044 by retrieving the Jenkins version from the innstance and comparing it against know…☆19Aug 8, 2024Updated last year
- Get a reverse shell using PostgreSQL☆21Aug 16, 2024Updated last year
- A simple splunk package for obtaining reverse shells on both Windows and most *nix systems.☆141Aug 20, 2018Updated 7 years ago
- A collection of Metasploit plugins I have written for various reasons.☆15Dec 5, 2020Updated 5 years ago
- Generating payloads to reverse shell in different contexts of java.☆50Jul 7, 2022Updated 3 years ago
- Proof of concept for abusing SeLoadDriverPrivilege (Privilege Escalation in Windows)☆166Jun 14, 2018Updated 7 years ago
- POC for CVE-2020-9484☆13Feb 10, 2021Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A study resource for the BSCP labs and exams.☆37Aug 8, 2025Updated 9 months ago
- Privilege escalation in Docker☆32Jun 30, 2022Updated 3 years ago
- A wordlist repository with human-curated and reviewed content.☆129Oct 24, 2023Updated 2 years ago
- RCE PoC for Tensorflow using a malicious Lambda layer☆60Jul 30, 2025Updated 9 months ago
- A multithreaded Python3 program that fuzzes HTTP headers and values and outputs the results to a CSV file.☆21Jan 13, 2019Updated 7 years ago
- Multiple Brute Force XMLRPC [Wordpress]☆14Jun 27, 2022Updated 3 years ago
- KeePass 2.X dumper (CVE-2023-32784)☆28Nov 4, 2023Updated 2 years ago
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts☆171Jun 29, 2025Updated 10 months ago
- CVE-2022-1292 OpenSSL c_rehash Vulnerability - POC☆28Jul 20, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- All of Your Copy/Paste Belong to Us: Stealing the clipboard and using it for C2 communications☆87Feb 21, 2019Updated 7 years ago
- Hackthebox tools☆13Mar 3, 2019Updated 7 years ago
- CVE PoCs☆21Jul 16, 2020Updated 5 years ago
- Python's handling of NaN is....interesting?broken?...this project illustrates the issue☆13Dec 28, 2021Updated 4 years ago
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to☆452Jul 29, 2013Updated 12 years ago
- IIS shortname scanner written in Go☆355Mar 25, 2023Updated 3 years ago