Salesforce Recon and Exploitation Toolkit

Last update: Dec 23, 2022

Related tags

Security related resources sret

Overview

Salesforce Recon and Exploitation Toolkit

Usage

python3 main.py

References

Announcement Blog - https://www.reconstation.io/blog/salesforce-recon-and-exploitation-toolkit-sret
Salesforce Nuclei Template by Aaron Costello - https://github.com/projectdiscovery/nuclei-templates/blob/master/misconfiguration/salesforce-aura.yaml
Salesforce Testing blog by Praveen Kanniah - https://infosecwriteups.com/in-simple-words-pen-testing-salesforce-saas-application-part-2-fuzz-exploit-eefae11ba5ae

Owner

GitHub Repository

This is tools hacking for scan vuln in port web, happy using

Xnuvers007 PortInjection this is tools hacking for scan vuln in port web, happy using view/show python 3.9 solo coder (tangerang) 19 y/o installation

6 Dec 24, 2022

Used to build an XSS platform on the command line.

pyXSSPlatform Used to build an XSS platform on the command line. Usage: 1.generate the cert file You can use openssl like this: openssl req -new -x509

70 Jun 21, 2022

Separate handling of protected media in Django, with X-Sendfile support

Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t

46 Nov 12, 2022

CVE-2022-22965 : about spring core rce

CVE-2022-22965: Spring-Core-Rce EXP 特性: 漏洞探测(不写入 webshell，简单字符串输出) 自定义写入 webshell 文件名称及路径不会追加写入到同一文件中，每次检测写入到不同名称 webshell 文件支持写入冰蝎 webshell 代理支持，可

53 Nov 09, 2022

CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22

49 Nov 09, 2022

Buffer Overflow para SLmail5.5 32 bits

SLmail5.5-Exploit-BoF Buffer Overflow para SLmail5.5 32 bits con un par de utilidades para que puedas hacer el tuyo REQUISITOS PARA QUE FUNCIONE: Desa

15 Jul 30, 2022

🐝 ℹ️ Honeybee extension for export to IES-VE gem file format

honeybee-ies Honeybee extension for export a HBJSON file to IES-VE GEM file format Installation pip install honeybee-ies QuickStart import pathlib fro

4 Jul 12, 2022

A semi-automatic osint/recon framework.

Smog Framework A semi-automatic osint/recon framework. Requirements git Python = 3.8 How to use it

22 Oct 17, 2022

S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE

CVE-2021-31805 Remote code execution S2-062 (CVE-2021-31805) Due to Apache Struts2's incomplete fix for S2-061 (CVE-2020-17530), some tag attributes c

31 Nov 22, 2022

Ethereum transaction decoder (community version).

EthTx Community Edition Community version of EthTx transaction decoder Local environment For local instance, you need few things: Depending on your di

240 Dec 21, 2022

Apk Framework Detector

🚀🚀🚀Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk 😇😇

10 Dec 07, 2022

Password List Maker

Red-Key Red-Key Password List Maker Version 1.1.2 Created By FireKing255 -=Features=- Create Random Password List Create Password List Create Password

7 Dec 26, 2021

a cool, easily usable and customisable subdomains scanner

Subdah 🔎 another subdomains scanner. Installation ⚠️ Python 3.10 required ⚠️ $ git clone https://github.com/traumatism/subdah $ cd subdah $ pip3 inst

14 Oct 18, 2022

xray多线程批量扫描工具

Auto_xray xray多线程批量扫描工具简介 xray社区版貌似没有批量扫描，这就让安服仔使用起来很不方便，扫站得一个个手动添加，非常难受 Auto_xray目录下记得放xray，就跟平时一样的。选项1：oneforall+xray 输入一个主域名，自动采集子域名然后添加到xray任务列表

13 Nov 09, 2022

Virus-Builder - This tool will generate a virus that can only destroy Windows computer

Virus-Builder - This tool will generate a virus that can only destroy Windows computer. You can also configure to auto run in usb drive

16 Dec 30, 2022

I hacked my own webcam from a Kali Linux VM in my local network, using Ettercap to do the MiTM ARP poisoning attack, sniffing with Wireshark, and using metasploit

plan I - Linux Fundamentals Les utilisateurs et les droits Installer des programmes avec apt-get Surveiller l'activité du système Exécuter des program

148 Dec 22, 2022

Salesforce Recon and Exploitation Toolkit

Related tags

Overview

Salesforce Recon and Exploitation Toolkit

Usage

References

Owner

This is tools hacking for scan vuln in port web, happy using

Used to build an XSS platform on the command line.

Separate handling of protected media in Django, with X-Sendfile support

CVE-2022-22965 : about spring core rce

CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

Buffer Overflow para SLmail5.5 32 bits

🐝 ℹ️ Honeybee extension for export to IES-VE gem file format

A semi-automatic osint/recon framework.

S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE

Ethereum transaction decoder (community version).

Apk Framework Detector

Password List Maker

a cool, easily usable and customisable subdomains scanner

xray多线程批量扫描工具

Virus-Builder - This tool will generate a virus that can only destroy Windows computer

I hacked my own webcam from a Kali Linux VM in my local network, using Ettercap to do the MiTM ARP poisoning attack, sniffing with Wireshark, and using metasploit

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

Python tool for dumping flash via uboot reliably

Unicode fuzzer for various purposes

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)