You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
🛡️ Web Penetration Testing is the process of testing websites or web apps for security flaws. 🔍 It helps find vulnerabilities like SQL injection, XSS, and authentication bypass. 🚨 Used to protect data, improve security, and prevent hacking attacks.
This repository details an IDOR vulnerability in AbsysNet 2.3.1, which allows a remote attacker to brute-force session IDs via the /cgi-bin/ocap/ endpoint. Successful exploitation can compromise active user sessions, exposing authentication tokens in HTML. The attack is limited to active sessions and is terminated if the user logs out.
It is a simple password brute force tool designed for ethical hacking and security testing. Automates the process of selecting passwords for a given user on a website by sending POST requests with different passwords and analyzing the response.
A Python tool for decrypting passwords hashed with the AuthMe SHA256 algorithm. Ideal for penetration testing and security audits on Minecraft servers using the AuthMe authentication plugin.
WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!
This repository contains a basic custom lab environment designed to demonstrate and explore SQL injection vulnerabilities. The lab provides a hands-on learning experience to understand the risks associated with insecure coding practices and the impact of SQL injection attacks on web applications.