一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景
注意:如想测试其他数据库软件PostgreSQL、Oracle,请使用相应的pg_sleep()、dbms_lock.sleep(),未测试,简单替换payload可能不好使,由此造成的漏测本人概不负责
测试demo可参考我的上一个仓库(https://github.com/ce-automne/OrderbyInjectionDemo)
File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview
Fuzzercorn libfuzzer bindings for Unicorn. API // The main entry point of the fu
CSAW 2021 Writeups Challenge Category Solved by The Magic Modbus ics root2thrill Lazy Leaks Forensics root2thrill Poem Collection warm-up root2thrill
4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us
Wellcome to tools Results Install Tools
CVE-2021-40444 builders This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, re
Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release
KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for
CVE-2021-43936 CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware. This vulnerability w
Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon
Python sandbox runners for executing code in isolation aka snekbox.
Vuln Impact There was an unauthorized access vulnerability in Hadoop yarn ResourceManager. This vulnerability existed in Hadoop yarn, the core compone
Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi
Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py
CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22
TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several
obscurepy Description A tool for obscuring, or making python source code difficult to read. Table of Contents Installation Limitations Usage Disclaime
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.
Crypto Meta Extractor This repository contains the code which extracts some metadata of all the cryptocurrencies listed (9K) on CoinMarketCap. Coding
This repository will contain python scripts for hackers and pentesters. stop being limited with availble tools. Build your own.
5 Nov 17, 2022
23 Nov 17, 2022
7 Oct 06, 2021
11 Aug 27, 2022
23 Dec 17, 2022
168 Nov 09, 2022
137 Jan 02, 2023
35 Oct 25, 2022
8 Jul 05, 2022
129 Dec 21, 2022
164 Dec 20, 2022
25 Nov 24, 2022
80 Dec 29, 2022
39 Nov 21, 2022
49 Nov 09, 2022
40 Dec 29, 2022
10 Jul 31, 2022
2 Jul 20, 2022
3 Jul 03, 2022
24 Nov 29, 2022