GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced...
Extract uncompiled, uncompressed SPA code from Webpack source maps.
Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
WEB SERVICE SECURITY ASSESSMENT TOOL
Joomla! < 4.2.8 - Unauthenticated information disclosure
#安全#Here you can get full exploit for SAP NetWeaver AS JAVA
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
A set of YARA rules for the AIL framework to detect leak or information disclosure
TimeVault is a specialized automated tool designed to detect potential information disclosure vulnerabilities in web applications by leveraging archived URLs from the Wayback Machine.
A PoC exploit for CVE-2017-7921 - Hikvision Camera Series Improper Authentication Vulnerability.
Sniper. Passive Secrets Hunting.🚬
POC - CVE-2024–24919 - Check Point Security Gateways
Hacking the RDP protocol - Sending an incomplete CredSSP (NTLM) authentication request with null credentials will cause the remote service to respond with a NTLMSSP message disclosing information to i...
#安全#Writeups for portswigger labs.
A PoC exploit for CVE-2021-43798 - Grafana Directory Traversal
AfterLogic Products Vulnerabilities
A simple tool for finding information disclosure vulnerabilities.
solutions of hack-yourself-first