IntruderPayloads - a Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads: A collection of Burp Suite Intruder payloads, BurpBounty payloads (https://github.com/wagiro/BurpBounty), fuzz lists and pentesting methodologies. To pull down all third-party repos, run install.sh in the same directory of the…

What is CORS Misconfiguration Bug

Corsy – CORS Misconfiguration Scanner

What is CORS Misconfiguration Bug? Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility…

Gopherus SSRF to RCE with Reverse Shell - Tool for Exploiting SSRF and gaining RCE

Gopherus – Tool for Exploiting SSRF and gaining RCE

Gopherus: If you know a place that is vulnerable to SSRF, this tool will help you generate a Gopher payload for exploiting SSRF (Server Side Request Forgery) and gaining RCE…

SQLite - Exploit Boolean-Based Blind SQL Injections Bug

SQLbit – Script to Automate Boolean-Based Blind SQL Injections

SQL Blind Injection Tool: Just another script to automate boolean-based blind SQL injections. Works with SQLite at least, and supports using cookies. It uses bitwise comparisons with multithreading to find cell…

EvilSelenium - Tool That Weaponizes Selenium to Attack Chromium Based Browsers

EvilSelenium – Tool That Weaponizes Selenium to Attack Chromium Based Browsers

EvilSelenium: EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features are: steal stored credentials (via autofill); steal cookies; take screenshots of websites; dump Gmail/O365…

DalFox Rest API server mode - Powerful Automated XSS Scanning Tool And Parameter Analyzer

DalFox – Powerful Automated XSS Scanning Tool And Parameter Analyzer

Dalfox XSS Tool: DalFox is a powerful automated XSS scanning tool, parameter analyzer and utility that speeds up the process of detecting and verifying XSS flaws. It comes with a…

Bluffy - Convert Shellcode Into Different Formats Full Example

Bluffy – Convert Shellcode Into Different Formats

Overview: Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic-looking data formats. Proof-of-concept tools, such as 0xBoku's Ninja_UUID_Runner and ChoiSG's UuidShellcodeExec, inspired the initial…
