Notes from Portswigger
-
Updated
Oct 23, 2023
Notes from Portswigger
EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
Quick DNS Zone Transfer
Utility to scan wordpress installations using their on-by-default REST endpoints
SOUND4 Impact/Pulse/First/Eco <=2.x - Information Disclosure
A PoC exploit for CVE-2021-43798 - Grafana Directory Traversal
Check Point Security Gateway (LFI)
solutions of hack-yourself-first
WordPress WPS Hide Login <1.9.1 - Information Disclosure
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
Writeups for portswigger labs.
CVE-2020-14179 Scanner
A PoC exploit for CVE-2017-7921 - Hikvision Camera Series Improper Authentication Vulnerability.
AfterLogic Products Vulnerabilities
Sniper. Passive Secrets Hunting.🚬
A set of YARA rules for the AIL framework to detect leak or information disclosure
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
Joomla! < 4.2.8 - Unauthenticated information disclosure
Here you can get full exploit for SAP NetWeaver AS JAVA
Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Add a description, image, and links to the information-disclosure topic page so that developers can more easily learn about it.
To associate your repository with the information-disclosure topic, visit your repo's landing page and select "manage topics."