Lately, we came across a remote code execution in a Tomcat web service by utilizing Expression Language. The vulnerable POST body field expected a number. When sending ${1+2} instead, the web site included a Java error message about a failed conversion to…

Dorks for Google, Shodan and BinaryEdge. Contribute to iGotRootSRC/Dorkers development by creating an account on GitHub.

Author: Badcode@Knownsec 404 Team
Chinese Version: https://paper.seebug.org/884/

A list for all things wireless that you may find useful while assessing a real world Wi-Fi Enterprise Network. How-to: c, KARMA, MANA…

Dorks for Google, Shodan and BinaryEdge. Contribute to iGotRootSRC/Dorkers development by creating an account on GitHub.

Avast JavaScript Interactive Shell . Contribute to taviso/avscript development by creating an account on GitHub.

🐛 A list of writeups from the Google VRP Bug Bounty program - xdavidhu/awesome-google-vrp-writeups

Automatically brute force all services running on a target. - 1N3/BruteX

XSS stands for Cross Site Scripting, it’s basically when input is not properly sanitized somewhere and a malicious actor can inject unintended javascript somewhere. That javascript will be executed by some unsuspecting user’s browser and then bad stuff can…

[CVE-2020-10111] Citrix Gateway 11.1 / 12.0 / 12.1 Cache Bypass [Proof Of Concept] $ curl --include --url https://$NSGATEWAYHOST/logon/incremental.php --data "value=22" https://t.co/qSZ5pgUhpe

Introduction

This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .L...

Tales of a binary encoded life...

Windows active user credential phishing tool. Contribute to hlldz/pickl3 development by creating an account on GitHub.