xanhacks / OffensiveWeb
Offensive Web is a documentation website about security research, difficult concepts, bypass and new exploitation techniques.
☆24Updated 3 months ago
Alternatives and similar repositories for OffensiveWeb:
Users that are interested in OffensiveWeb are comparing it to the libraries listed below
- A python module to explore the object tree to extract paths to interesting objects in memory.☆91Updated 2 months ago
- WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a…☆49Updated 6 months ago
- Some tips for Bug Bounty using LibreOffice☆46Updated last month
- Auto-Recon script that will help you in the Burp Suite Certified Practitioner Examor with any web-security lab.☆47Updated 8 months ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆39Updated 4 months ago
- ☆36Updated last year
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆64Updated 5 months ago
- Challenges & author writeups from ZeroDays CTF 2025.☆64Updated last week
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆147Updated last month
- ☆13Updated last year
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆39Updated last year
- PP-finder Help you find gadget for prototype pollution exploitation☆154Updated 7 months ago
- Memory mapping profiles for forensic analysis using volatility 2☆47Updated 2 years ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆75Updated 9 months ago
- SkillArch☆12Updated this week
- Awesome MXSS ??☆48Updated 6 months ago
- This tool allows to automatically test for Content Security Policy bypass payloads.☆40Updated 6 months ago
- ☆74Updated 5 months ago
- A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.☆71Updated last year
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆31Updated 6 months ago
- Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc…☆57Updated 3 weeks ago
- ☆81Updated 8 months ago
- CVE-2023-33733 reportlab RCE☆114Updated last year
- A list of all Active Directory machines from HackTheBox☆57Updated 2 months ago
- A complete table of results of types comparison in multiple languages☆27Updated 2 years ago
- A collection of config files for linux focusing on hackthebox theme☆43Updated 3 months ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆124Updated 11 months ago
- By using its cutting edge technology (lolnope), you can now have a persistent multi reverse pty handler!☆89Updated 4 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆45Updated this week
- A Burp Suite extension that helps track and manage multiple sessions simultaneously by color-coding HTTP requests based on custom pattern…☆25Updated 4 months ago