PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+1403.57%)
ctfCTF programs and writeups
Stars: ✭ 22 (-21.43%)
Loki.RatLoki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.
Stars: ✭ 63 (+125%)
web-cve-testsA simple framework for sending test payloads for known web CVEs.
Stars: ✭ 120 (+328.57%)
bulkssrfTests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.
Stars: ✭ 35 (+25%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (+35.71%)
ssrf-vuls国光的手把手带你用 SSRF 打穿内网靶场源码
Stars: ✭ 235 (+739.29%)
window-ratThe purpose of this tool is to test the window10 defender protection and also other antivirus protection.
Stars: ✭ 59 (+110.71%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (+10.71%)
ssrf filterA ruby gem for defending against Server Side Request Forgery (SSRF) attacks
Stars: ✭ 68 (+142.86%)
proxylogscanA fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
Stars: ✭ 145 (+417.86%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+367.86%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+296.43%)
badcharsBad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.
Stars: ✭ 178 (+535.71%)
AMP-ResearchResearch on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks
Stars: ✭ 246 (+778.57%)
CVE-2020-36179CVE-2020-36179~82 Jackson-databind SSRF&RCE
Stars: ✭ 77 (+175%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+10121.43%)
IntruderpayloadsA collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Stars: ✭ 2,779 (+9825%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (+667.86%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+9721.43%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (+435.71%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+9246.43%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+4771.43%)
WinpayloadsUndetectable Windows Payload Generation
Stars: ✭ 1,211 (+4225%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (+157.14%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+3382.14%)
PwndropSelf-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
Stars: ✭ 878 (+3035.71%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+2607.14%)
FakeimageexploiterUse a Fake image.jpg to exploit targets (hide known file extensions)
Stars: ✭ 598 (+2035.71%)
PixloadImage Payload Creating/Injecting tools
Stars: ✭ 586 (+1992.86%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+117432.14%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+1553.57%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (+1150%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+12914.29%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (+867.86%)
HatVenomHatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (+200%)
Ssrf TestingSSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+6035.71%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-53.57%)
SecExampleJAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (+714.29%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+203.57%)
Flag-CaptureSolutions and write-ups from security-based competitions also known as Capture The Flag competition
Stars: ✭ 84 (+200%)
ssrf-agentmake http(s) request to prevent SSRF
Stars: ✭ 16 (-42.86%)