xiajun325 / apache-log4j-rce-poc
☆60Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for apache-log4j-rce-poc
- ☆45Updated 5 months ago
- Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473☆104Updated 6 months ago
- SSTI Payload Generator☆88Updated 2 years ago
- Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.☆143Updated 10 months ago
- ☆111Updated 2 years ago
- Burp Bounty profiles compilation, feel free to contribute!☆145Updated 3 years ago
- ☆154Updated 2 years ago
- Python exploit for the CVE-2021-22204 vulnerability in Exiftool☆89Updated 3 years ago
- Aspx reverse shell☆93Updated 4 years ago
- Exploit for CVE-2021-3129☆65Updated 3 years ago
- Exploit and Check Script for CVE 2022-1388☆58Updated 2 years ago
- OpenSSH 2.3 < 7.7 - Username Enumeration☆38Updated last year
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆176Updated 2 years ago
- ImageMagick LFI PoC [CVE-2022-44268]☆52Updated last year
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆69Updated 3 years ago
- ☆39Updated 11 months ago
- log4j rce test environment and poc☆311Updated 2 years ago
- Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.☆101Updated 2 years ago
- LFI Payloads List coolected from github repos☆71Updated 4 years ago
- A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration☆77Updated 4 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆101Updated 8 months ago
- Phar + JPG Polyglot generator and playground (CTF CODE)☆74Updated 5 years ago
- SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.☆126Updated 6 months ago
- ☆206Updated 3 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆113Updated 5 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆117Updated last year
- Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…☆52Updated 2 years ago
- Web Application Security Testing Tools☆234Updated 8 months ago