A burp-suite plugin that extract all parameters name from in-scope requests.
You can run the plugin while you are working on the target application and it will log all the extracted parameters in the plugin tab. Then you can export the result to a file and use that file with other parameter discovery tools.
Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC = Exchange 2013 update 23 = Exchange 2016 update 2
Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits
AdminerRead Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability Installation git clone https://github.com/p0dalirius/AdminerRea
Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote code execution and more. Blog post detailing exploitation linked below: COMING SOON Why? P
This repository is one of a few malware collections on the GitHub.
Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a
CVE-2021-3625 This repository contains a few example exploits for CVE-2021-3625. All Zephyr-based usb devices up to (and including) version 2.5.0 suff
Grafana V8.0+版本存在未授权任意文件读取 0Day漏洞 - POC 1 漏洞信息 1.1 基本信息 漏洞厂商:Grafana 厂商官网:https://grafana.com/ 1.2 漏洞描述 Grafana是一个跨平台、开源的数据可视化网络应用程序平台。用户配置连接的数据源之后,Gr
UnicodeToy Unicode fuzzer for various purposes Unicode based on version 14.0 features Generate the shortest xss domain payload Generate unicode str, u
A Superfast SMS & Call bomber for Linux And Termux !
Venom Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python. Report Bug · Request Feature Contributing Well,
This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
Python Port Scanner This script tries to check if it's possible to make a connection with the specific endpoint port. This is very useful to ensure se
Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url
MainCoon is an automated recon framework meant for gathering information during penetration testing of web applications.
Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ
This preserves the early code of a Python decompiler for Python versions 1.5 to 2.4. I have been able to install this using pyenv using Python 2.3.7 u
CVE-2021-23132 com_media allowed paths that are not intended for image uploads to RCE. CVE-2020-24597 Directory traversal in com_media to RCE Two CVEs
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples Above is an adversarial example: the slightly pert
263 Feb 14, 2022
1 Dec 16, 2021
58 Dec 05, 2022
81 Dec 20, 2022
1.7k Dec 28, 2022
1 Nov 12, 2021
7 Nov 10, 2022
3 Dec 13, 2021
33 Nov 27, 2022
15 Feb 21, 2022
25 Dec 06, 2022
2.1k Dec 25, 2022
135 Dec 14, 2022
7 Feb 26, 2022
13 Nov 09, 2022
8 Aug 26, 2022
22.1k Jan 02, 2023
2 Jan 04, 2022
67 Nov 09, 2022
838 Dec 18, 2022