command-injection-attacker

Vulnerability scanner

An OS command injection detection and exploitation tool that provides methodologies and software for identifying and exploiting vulnerabilities in applications.

SHELLING - a comprehensive OS command injection payload generator

GitHub

107 stars
5 watching
28 forks
Language: Java
last commit: over 5 years ago

Related projects:

Repository Description Stars
portswigger/backslash-powered-scanner An extension for Burp Suite that scans for unknown classes of injection vulnerabilities using a novel approach 637
portswigger/additional-scanner-checks A collection of passive scanner checks to identify security vulnerabilities in web applications 27
portswigger/httpoxy-scanner Tools to help identify vulnerabilities in web applications using HTTPoxy scanning. 88
portswigger/active-scan-plus-plus An extension to Burp Suite's scanning capabilities that identifies potential vulnerabilities in application behavior 208
portswigger/html5-auditor An HTML validation and security testing tool for identifying vulnerabilities in web applications 4
portswigger/example-scanner-checks A Java-based toolset that provides custom scanning checks and techniques for extending Burp Suite's built-in scanning capabilities. 15
portswigger/json-decoder Tools for analyzing and manipulating HTTP requests and responses in BurpSuite 10
portswigger/reflected-parameters Tools and techniques for exploiting reflected parameter vulnerabilities in Java-based applications 19
portswigger/http-request-smuggler An extension for Burp Suite to help identify and exploit HTTP Request Smuggling vulnerabilities. 958
portswigger/aws-security-checks A set of automated security checks for AWS services written in Python to identify potential vulnerabilities and configuration issues. 36
portswigger/param-miner An extension tool used to identify hidden parameters in web requests 1,245
portswigger/crypto-attacker A collection of tools and scripts for penetration testing and vulnerability assessment of web applications. 2
nccgroup/argumentinjectionhammer An extension that identifies argument injection vulnerabilities in web applications using payloads and detection techniques 118
portswigger/turbo-intruder A tool for sending and analyzing large numbers of HTTP requests to test web application security vulnerabilities. 1,499
r0075h3ll/oralyzer A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. 753