Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.
☆62Nov 16, 2022Updated 3 years ago
Alternatives and similar repositories for werkzeug-debug-console-bypass
Users that are interested in werkzeug-debug-console-bypass are comparing it to the libraries listed below
Sorting:
- A tool collection of various attacks on TLS based on TLS-Attacker☆21Jun 25, 2025Updated 8 months ago
- LimeSurvey Authenticated RCE☆23Jul 16, 2023Updated 2 years ago
- CVE-2020-25223☆11Sep 13, 2021Updated 4 years ago
- ☆13Dec 30, 2024Updated last year
- "VMBreaker" is a specialized tool for virtual machine security testing, offering essential, user-friendly features for efficient penetrat…☆13Apr 15, 2024Updated last year
- Webmin 1.910 - Remote Code Execution Using Python Script☆10Feb 6, 2024Updated 2 years ago
- CVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability☆15Apr 16, 2025Updated 10 months ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- A wordlist repository with human-curated and reviewed content.☆125Oct 24, 2023Updated 2 years ago
- ☆20Nov 14, 2024Updated last year
- Multiple Brute Force XMLRPC [Wordpress]☆14Jun 27, 2022Updated 3 years ago
- Hackthebox tools☆12Mar 3, 2019Updated 7 years ago
- Toy version of the sweet32 attack☆16Nov 24, 2017Updated 8 years ago
- Compiled dataset of Java deserialization CVEs☆60Aug 31, 2020Updated 5 years ago
- Enumerate AWS permissions and resources.☆71Jun 23, 2022Updated 3 years ago
- A simple splunk package for obtaining reverse shells on both Windows and most *nix systems.☆130Aug 20, 2018Updated 7 years ago
- Get a reverse shell using PostgreSQL☆21Aug 16, 2024Updated last year
- A very high performance Domain Name parser package in Go.☆49Aug 27, 2021Updated 4 years ago
- CrlfiX☆21Jan 30, 2025Updated last year
- Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion in Python3☆24Feb 27, 2023Updated 3 years ago
- A weird and wonderful console based tool for pentesting web applications☆19Apr 20, 2020Updated 5 years ago
- 🐋 Pipe builds your Docker image locally, transfers only the changed layers to your server, and starts your container. It's like git push…☆25Dec 27, 2025Updated 2 months ago
- Burp Suite Extension for inserting a magic byte into responder's request☆24Sep 22, 2023Updated 2 years ago
- Vulnerability analysis and PoC for the Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (RCE)☆23Sep 4, 2021Updated 4 years ago
- A tutorial on using JohnTheRipper and Hashcat to crack lost keepass passwords☆79Apr 30, 2021Updated 4 years ago
- Generating payloads to reverse shell in different contexts of java.☆50Jul 7, 2022Updated 3 years ago
- ☆110Dec 13, 2019Updated 6 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆144Oct 27, 2019Updated 6 years ago
- CVE-2022-1292 OpenSSL c_rehash Vulnerability - POC☆28Jul 20, 2022Updated 3 years ago
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Mar 26, 2022Updated 3 years ago
- Wfuzz fork☆39Jan 10, 2025Updated last year
- Proof of concept for abusing SeLoadDriverPrivilege (Privilege Escalation in Windows)☆161Jun 14, 2018Updated 7 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆25Feb 11, 2023Updated 3 years ago
- Kerberoast with ACL abuse capabilities☆619Dec 16, 2024Updated last year
- CVE-2023-2255 Libre Office☆64Jul 10, 2023Updated 2 years ago
- Custom queries list for BloodHound☆31Jul 8, 2025Updated 8 months ago
- POC for CVE-2024-23897 Jenkins File-Read☆38Nov 20, 2025Updated 3 months ago
- IIS shortname scanner written in Go☆354Mar 25, 2023Updated 2 years ago
- Jumpstart multiple WebSocket servers quickly☆32Nov 23, 2021Updated 4 years ago