Category: Web Exploitation

CSRF PoC generator

lazyCSRF v0.0.4 releases: useful CSRF PoC generator

LazyCSRF LazyCSRF is a more useful CSRF PoC generator that runs on Burp Suite. Motivation Burp Suite is an intercepting HTTP Proxy, and it is the defacto tool for performing web application security testing....

JMX exploitation toolkit

sjet: siberas JMX exploitation toolkit

sJET siberas JMX Exploitation Toolkit sJET allows easy exploitation of insecure configured JMX services. Download Prerequirement Jython 2.7 git clone https://github.com/siberas/sjet.git Usage SJET implements a CLI interface (using argparse): jython sjet.py targetHost targetPort password MODE (modeOptions)...

jackhammer

jackhammer: Security vulnerability assessment/management tool

Jackhammer: One Security vulnerability assessment/management tool to solve all the security team problems. What is Jackhammer? Jackhammer is a collaboration tool built with an aim of bridging the gap between Security team vs dev...

Bodhi

bodhi: Client-Side Vulnerability Playground

Bodhi – Client-Side Vulnerability Playground Bodhi is a playground focused on learning the exploitation of client-side web vulnerabilities. The playground has a vulnerable application & a bot program which simulates the real-world victim. An...