12 matches found
web-attack-payloads
Web Attack Payloads Collection !Cybersecurityhttps://img.s...
CVE-2024-50667
The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks...
CVE-2024-57098
Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter...
Analyzing Attack Data and Trends Targeting Log4J
The Log4j vulnerability, initially reported in November 2021, has affected millions of devices and applications around the world. It has the potential to allow a malicious actor to take full control of vulnerable devices. As a result of how Log4j controls the logging of strings and code, the...
graduation_design
This is a Python script for a web intrusion detection system using machine learning. The script uses the scikit-learn library to implement a supervised learning approach. It collects and preprocesses normal requests and attack payloads, and uses a Support Vector Machine SVM to classify new reques...
Git All The Payloads! A Collection Of Web Attack Payloads
Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Usage run ./get.sh to download external payloads and unzip any payload files that are compressed. Payload Credits fuzzdb - https://github.com/fuzzdb-project/fuzzdb SecLists -...
Singularity - A DNS Rebinding Attack Framework
Singularity of Origin is a tool to perform DNS rebinding attacks. It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine's IP address and to serve attack payloads to exploit vulnerable software on the target machine. It also ships with...
DNS Rebinding Attack Framework: Singularity
Singularity of Origin is a tool to perform DNS rebinding attacks. It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine’s IP address and to serve attack payloads to exploit vulnerable software on the target machine. It also ships with...
DNS Rebind Toolkit - A Front-End JavaScript Toolkit For Creating DNS Rebinding Attacks
DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network LAN. It can be used to target devices like Google Home, Roku, Sonos WiFi speakers, WiFi routers, "smart" thermostats, and other IoT devices. Wi...
CBM - Car Backdoor Maker
A hardware-backdoor for CAN bus - by @UnaPibaGeek & @holesec For the first time, a hardware backdoor tool is presented having several advanced features, such as: remote control via SMS commands, automated launch of attack payloads at a GPS location or when a specific car status is reached; and a...
Car Backdoor Maker: CBM
Car Backdoor Maker For the first time, a hardware backdoor tool is presented having several advanced features, such as: remote control via SMS commands, automated launch of attack payloads at a GPS location or when a specific car status is reached; and a configuration interface that allows users ...
Open Source Database Fuzzing: FuzzDB
FuzzDB is the most comprehensive Open Source database of malicious inputs, predictable resource names, greppable strings for server response messages, and other resources like web shells. It’s like an application security scanner, without the scanner. What’s in FuzzDB? Predictable Resource...