A burp-suite plugin that extract all parameters name from in-scope requests.
You can run the plugin while you are working on the target application and it will log all the extracted parameters in the plugin tab. Then you can export the result to a file and use that file with other parameter discovery tools.
Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url
Choose dependency injection Friendly with MyPy Supports lazy injections Supports
Embark is being developed to provide the firmware security analyzer emba as a containerized service and to ease accessibility to emba regardless of system and operating system.
Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell
QFTools Python lib to automate basic QFT calculations like Wick-contractions. Features Wick contractions for real scalar fields Wick contractions for
Python program that generates secure passwords. The user has the option to select the length of the password, amount of passwords,
shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w
ReconTracer A Tool for subdomain scan with other tools ReconTracer Find subdomains by using another amazing sources!. Obs: In a close future recontrac
dodgy Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions desig
Spring Core RCE - CVE-2022-22965 After Spring Cloud, on March 29, another heavyweight vulnerability of Spring broke out on the Internet: Spring Core R
Zip brute is a python script that cracks zip that are password protected using a wordlist dictionary.
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm
ROFL-FUZZER Ths is Domato, a DOM Fuzzer from Google, but hosted as an website It generates a instance of a newtab on the template given by the user ,
log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.
Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP
Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux
CVE-2021-26855 PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github Why does github remove this exploit because
CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074 an
13 Nov 09, 2022
3 Jan 26, 2022
175 Dec 14, 2022
16 Nov 09, 2022
2 Aug 21, 2022
4 Dec 07, 2021
10 Dec 28, 2021
15 Dec 18, 2021
112 Nov 25, 2022
118 Dec 31, 2022
13 Nov 03, 2022
16 Dec 18, 2022
18 Nov 22, 2021
8 Oct 20, 2022
2 Aug 03, 2022
170 Dec 11, 2022
365 Nov 30, 2022
15 May 21, 2022
58 Nov 15, 2022
23 Nov 09, 2022