wdahlenburg / werkzeug-debug-console-bypass
Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.
☆56Updated 2 years ago
Alternatives and similar repositories for werkzeug-debug-console-bypass:
Users that are interested in werkzeug-debug-console-bypass are comparing it to the libraries listed below
- generate payloads that force authentication against an attacker machine☆105Updated 2 years ago
- Squid Pivoting Open Port Scanner☆70Updated 4 months ago
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆70Updated 4 years ago
- LFI to RCE via phpinfo() assistance or via controlled log file☆66Updated 2 years ago
- CLI monitor for windows process- & file activity☆85Updated 4 years ago
- Becoming the spider, crawling through the webs to catch the fly.☆76Updated 3 years ago
- Aspx reverse shell☆106Updated 5 years ago
- SSTI Payload Generator☆90Updated 2 years ago
- Helper script for spawning a minimal Ubuntu 16.04 container ready for building kernel exploits (~4.x)☆138Updated 10 months ago
- A python based minimal DNS server to test/verify DNS rebinding attacks☆43Updated last year
- ☆39Updated last year
- TUDO - A vulnerable PHP Web Application.☆106Updated 2 years ago
- A cheatsheet for NetExec☆116Updated 2 months ago
- TESTR - Vulnerable Python Web-App to practice XSS and Command Injection☆33Updated 2 years ago
- ☆118Updated 2 years ago
- ☆60Updated 3 years ago
- Shell Simulation over Net-SNMP with extend functionality☆95Updated 4 years ago
- Get a reverse shell using PostgreSQL☆18Updated 8 months ago
- ☆82Updated 2 weeks ago
- Tool to enable blind sql injection attacks against websockets using sqlmap☆60Updated last year
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆122Updated last year
- Python based Bloodhound data converter from the legacy pre 4.1 format to 4.1+ format☆56Updated 2 years ago
- This script will bruteforce the credential of tomcat manager or host-manager☆21Updated 4 years ago
- ☆158Updated 3 years ago
- his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulne…☆109Updated last month
- post/windows/manage/enable_rdp Metaploit module in Command prompt module☆29Updated 6 years ago
- Precompiled executable☆53Updated 2 months ago
- Static binaries, removing any required dependencies from the operating system. Gziped files availabe to download via curl onto your targ…☆65Updated 2 years ago
- Review of AWAE.OSWE☆31Updated 3 years ago
- Tool to parse the Group Policy Preferences XML file which extracts the username and decrypts the cpassword attribute.☆110Updated 2 years ago