annsmarmalarki's starred repositories
SpringShell
Spring4Shell - Spring Core RCE - CVE-2022-22965
CVE-2022-1388_PoC
F5 BIG-IP RCE exploitation (CVE-2022-1388)
command-injection-payload-list
🎯 Command Injection Payload List
match-replace-burp
Useful "Match and Replace" burpsuite rules
LinkFinder
A python script that finds endpoints in JavaScript files
filterbypass
Browser's XSS Filter Bypass Cheat Sheet
Directory-Traversal-Toolbox
A few handy scripts for pulling important files off remote machines using a directory traversal or local file include vulnerability.
psychoPATH
psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.
SimplesApachePathTraversal
Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519
dotdotslash
Search for Directory Traversal Vulnerabilities
CVE-2020-0796-RCE-POC
CVE-2020-0796 Remote Code Execution POC
XSS-Freak
XSS-Freak is an xss scanner fully written in python3 from scratch. it is one of its kind since it crawls the website for all possible links and directories to expand its attack scope. then it searches them for inputs tags and then launches a bunch of xss payloads. if an inputs is not sanitized and vulnerable to xss attacks, the tool will discover it in seconds.
log4jshell-pdf
The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel
log4j-payload-generator
Log4j jndi injects the Payload generator
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
check-log4j
To determine if a host is vulnerable to log4j CVE‐2021‐44228