Stars
A collection of Server-Side Prototype Pollution gadgets and exploits
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.
🕵️♂️ Collect a dossier on a person by username from thousands of sites
🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
Prototype Pollution and useful Script Gadgets
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
Automatic SQL injection and database takeover tool
PEDA - Python Exploit Development Assistance for GDB
The best tool for finding one gadget RCE in libc.so.6
A list of useful payloads and bypass for Web Application Security and Pentest/CTF