j4k0m/API-to-Shell j4k0m/API-to-Shell

  • Stars
    star
    4
  • Rank 3,214,913 (Top 65 %)
  • Language
    PHP
  • Created over 2 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
j4k0m/API-to-Shell
github

j4k0m

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Exploiting API to Shell challenge from Pentesterlab serialize badge.

More Repositories

1

godkiller

Vulnerabilities you my miss during a penetration testing.
97
star
2

AwesomeMoroccanHackers

An Awesome List of Moroccan Cyber Security Researchers, Pentesters, Bug Hunters.
93
star
3

discord-theory-I

My attempt to reverse the Discord nitro token generation function.
Python
29
star
4

Born2beroot

This project aims to introduce you to the wonderful world of virtualization.
Shell
24
star
5

huntfer

An automation tool to help you to find weak functions in your target source code for potential attacks.
Python
19
star
6

CVE-2021-24499

Mass exploitation of CVE-2021-24499 unauthenticated upload leading to remote code execution in Workreap theme.
Shell
19
star
7

glimpse-into-web-penetration-testing

A glimpse into web penetration testing example, that I did me and @Edd13Mora in our free time, for beginners to have an idea about websec.
14
star
8

CVE-2021-41773

Exploitation of CVE-2021-41773 a Directory Traversal in Apache 2.4.49.
Shell
13
star
9

minitalk

A small data exchange program using UNIX signals.
C
13
star
10

snowcrash-writeup

This project aims to make you discover, through several little challenges, cyber security in various fields.
13
star
11

really-good-cybersec

A really good cybersec reading materials.
12
star
12

lookuper

A simple tool for wide targeting using ASN.
Python
11
star
13

DiscordEmojisStealer

Use emojis everywhere without having a nitro or steal other emojis to use them on your server.
Python
9
star
14

secdojo-23jan

SecDojo 23jan CTF writeup.
9
star
15

ultimateclone

script to clone all your 42 projects at once
Shell
8
star
16

CVE-2018-18925

Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs.
Go
7
star
17

WinUSBKiller

C#
5
star
18

Ruby2.x-RCE-Deserialization

Code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load().
Ruby
5
star
19

CTFs

Some of my challenges :)
Python
5
star
20

CVE-2019-5420

A vulnerability can allow an attacker to guess the automatically generated development mode secret token.
Python
5
star
21

Boxer

Auto scanning tool that will help you during playing on HackTheBox, TryHackMe...etc
Shell
4
star
22

PHP-8.1.0-dev-RCE

Script to exploit PHP-8.1.0-dev-RCE and gain reverse shell.
Shell
4
star
23

RyouYoo

4
star
24

auto_42_projecter

A tool that will create 42 project files structure for you.
Python
3
star
25

3DPrint-Lite-1.9.1.4-File-Upload

Analysis of WordPress 3D Print Lite 1.9.1.4 - arbitrary file upload vulnerability.
Shell
3
star
26

thnb-ctf-writeups

Writeups for the challenges I made for THNB national CTF
3
star
27

spring4shell-secdojo

A write-up for SecDojo Spring4shell lab.
Shell
3
star
28

CVE-2018-11235

Auto malicious git repository creation to exploit CVE-2018-11235 a Remote Code Execution using Git Sub module.
Shell
2
star
29

CVE-2016-2098

Remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data.
2
star
30

unhide-the-flag

unhide the flag ! stego challenge by Lelouche01
2
star
31

recheck

recheck script for 42 projects
Shell
2
star
32

Vault6

Archiving Leaked samples from Different sources for Different Uses
2
star
33

RazXSS

Easy XSS web challenge.
Python
2
star
34

loader-CVE-2020-14343

A web application vulnerable to CVE-2020-14343 insecure deserialization leading to command execution in PyYAML package.
HTML
2
star
35

CBC-MAC

Exploitation of signature of non-fixed size messages with CBC-MAC challenge on Pentesterlab.
Ruby
2
star
36

CVE-2018-0114

Exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT.
2
star
37

CVE-2018-6574

Remote command execution in Golang go get command allows an attacker to gain code execution on a system by installing a malicious library.
Go
1
star
38

dirty_snap

A script to generate malicious snap package.
Shell
1
star
39

hacking_env

Shell
1
star
40

Struts-s2-045

Exploit script of Remote Code Execution in Struts 2 application.
Python
1
star
41

CVE-2016-10033

Remote Code Execution vulnerability in PHPMailer.
Shell
1
star
42

solidity-hacking

Hacking smart contracts training
Solidity
1
star
43

CTFS_SETUP

those are some ctfs that I made while learning !
PHP
1
star