676 Open source projects that are alternatives of or similar to APSoft-Web-Scanner-v2

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Extraction of iMessage Data via XSS

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Proofs-of-concept

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Reverse Shell as a Service

rsGen is a Reverse Shell Payload Generator for hacking.

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

Advanced Web Browser Fingerprinting

Apache Shiro 反序列化漏洞检测与利用工具

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

An interactive multi-user web JS shell

Asynchronous Python implementation of SlowLoris DoS attack

Here you can get full exploit for SAP NetWeaver AS JAVA

A container repository for my public web hacks!

Safari local file reader

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

Proof of concept of VMSA-2017-0012

Guest to host VM escape exploit for Parallels Desktop

Kubernetes security and vulnerability tools and utilities.

Extensible framework for analyzing publicly available information about vulnerabilities

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

Real world and CTFs exploiting web/binary POCs.

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

IoT 固件漏洞复现环境

hack tools

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

pentest framework

Vulnerability Labs for security analysis

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Exploiting Edge's read:// urlhandler

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

PoC exploit for CVE-2016-4622

SQL Injection Payload List

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

My exploitDB.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

DoS PoC's for SAP products

Some of my public exploits

JSshell - JavaScript reverse/remote shell

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

Block crawlers and high traffic users on your site by IP using Redis

Simple and lightweight library that helps to validate SVG files in security manners.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Misc. Public Reports of Penetration Testing and Security Audits.

Advanced vulnerability scanning with Nmap NSE

Unsigned code loader for Exynos BootROM

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Foxss is a simple php based penetration Testing Tool.Currently it will help to find XSS vulnerability in websites.