information-disclosure

There are 2 repositories under information-disclosure topic.

m3n0sd0n4ld / GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
bash-script bugbounty discovery fuzzing google-dorks hacking information-disclosure infosec osint penetration-testing pentesting recon reconnaissance red-team subdomain
Language:Shell 1291
rarecoil / unwebpack-sourcemap
Extract uncompiled, uncompressed SPA code from Webpack source maps.
webpack4 sourcemaps information-disclosure security-tools security-tool spa
Language:Python 488
m8sec / pymeta
Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
pentest-tool metadata-extraction pentest information-disclosure metadata python3 extract-metadata
Language:Python 451
YalcinYolalan / WSSAT
WEB SERVICE SECURITY ASSESSMENT TOOL
web-service security-tools dynamic-testing static-analysis vulnerabilities xxe-injection sqlinjection xss xml-bomb rest-api-test information-disclosure soap-web-services web-service-test scanner web-service-scanner rest-api-scanner
Language:C# 385
Acceis / exploit-CVE-2023-23752
Joomla! < 4.2.8 - Unauthenticated information disclosure
cve cve-2023-23752 exploit information-disclosure joomla vulnerability
Language:Ruby 76
vah13 / SAP_exploit
Here you can get full exploit for SAP NetWeaver AS JAVA
cve-2016-2386 cve-2016-2388 cve-2016-1910 sql-injection vulnerability information-disclosure sap exploit
Language:Python 73
VainlyStrain / Vaile
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
enumeration exploitation exploitation-framework information-disclosure osint penetration-testing-framework pentest-tool pentesting python3 reconnaissance scanner scanning tidos-framework vulnerability-analysis vulnerability-scanners web-application-security web-pentest webappsec
Language:Python 64
ail-project / ail-yara-rules
A set of YARA rules for the AIL framework to detect leak or information disclosure
ail-yara-rules ail-framework information-disclosure yara-rules yara yara-signatures
Language:YARA 36
hellsing
Fricciolosa-Red-Team / hellsing
Sniper. Passive Secrets Hunting.🚬
api api-security information-disclosure information-discovery information-extraction secret-keys secrets secrets-detection secrets-scan token
Language:JavaScript 13
K3ysTr0K3R / CVE-2017-7921-EXPLOIT
A PoC exploit for CVE-2017-7921 - Hikvision Camera Series Improper Authentication Vulnerability.
cve-2017-7921 exploit hack hacked hikvision-camera information-disclosure proof-of-concept vulnerability hikvision
Language:Shell 12
c0brabaghdad1 / CVE-2020-14179
CVE-2020-14179 Scanner
cve-2020-14179 perl-script information-disclosure cve-scanning
Language:Perl 8
LinuxUser255 / Web-Security-Academy-Series
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
authentication burpsuite business-logic clickjacking command-injection csrf-attacks exploits fileupload information-disclosure pentest-scripts portswigger portswigger-labs python3 ssrf-tool webapp webapphacking webapppentesting xss-exploitation xxe-injection
Language:Python 5
Sec0gh / Portswigger-Labs
Writeups for portswigger labs.
file-upload os-command-injection server-side-template-injection sql-injection authentication information-disclosure logicflow access-control idor
5
E3SEC / AfterLogic
AfterLogic Products Vulnerabilities
vulnerability security 0day web-vulnerability php rce privilage-escalation information-disclosure
3
K3ysTr0K3R / CVE-2021-43798-EXPLOIT
A PoC exploit for CVE-2021-43798 - Grafana Directory Traversal
directory-traversal directory-traversal-vulnerability exploitation exploits grafana hacking information-disclosure poc cve-2021-43789
Language:Python 2
vrikodar / DnsBlade
Quick DNS Zone Transfer
zone-transfers dns-record dns-zone-transfers dns-zones dns-attacks hack-dns zone-files information-retrieval dns-zone-transfer information-disclosure
Language:Python 2
Cappricio-Securities / CVE-2024-24919
Check Point Security Gateway (LFI)
cve-2024-24919 check-point-security-gateway cve-2024-24919-exploit cve-2024-24919-lfi cve-2024-24919-poc cve-2024-24919-scanner information-disclosure lfi path-traversal
Language:Python 1
fathimakm / web_security_notes
Notes from Portswigger
directory information-disclosure sqlinjection traversal xss
1
CritSecurity / clapi
Utility to scan wordpress installations using their on-by-default REST endpoints
wordpress wp information-disclosure cybersecurity cyber-security infosec rest rest-api scanner pwa
Language:JavaScript 0
htmlhack / hack-yourself-first-solutions
solutions of hack-yourself-first
csrf hack-yourself-first hack-yourself-first-solutions emailspoofing information-disclosure idor privilege-escalation session-invalidation clickjacking clickjacking-vulnerability
0
Cappricio-Securities / CVE-2021-24917
WordPress WPS Hide Login <1.9.1 - Information Disclosure
information-disclosure cve-2021-24917 cve-2021-24917-exploit cve-2021-24917-poc cve-2021-24917-scanner wps-hide-login-exploit wps-hide-login wapt
Language:Python
Cappricio-Securities / CVE-2024-0235
EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
information-disclosure cve-2024-0235 cve-2024-0235-exploit cve-2024-0235-poc cve-2024-0235-scanner wordpress-scanner wpscan eventon-scanner bugbounty bugbounty-tool bugbounty-tools
Language:Python
Cappricio-Securities / sound4-directory-listing
SOUND4 Impact/Pulse/First/Eco <=2.x - Information Disclosure
bugbounty bugbounty-tool bugbounty-tools directory-listing information-disclosure sound4 sound4-directory-listing
Language:Python