Austria

kleiton0x00

Elite
@kleiton0x00

Yet another infosec guy.

Advanced-SQL-Injection-Cheatsheet. A cheat sheet that contains advanced queries for SQL Injection of all types.

3.2k

ppmap. A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

520

Proxy-DLL-Loads. A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.

409

XSScope. XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.

314

RedditC2. Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

274

Shelltropy. A technique of hiding malicious shellcode via Shannon encoding.

269

RemoteShellcodeExec. Execute shellcode from a remote-hosted bin file using Winhttp.

236

CORS-one-liner. A one liner Bash command which finds CORS in every possible endpoint.

152

RtlHijack. Alternative Read and Write primitives using Rtl* functions the unintended way.

79

HTTP-Smuggling-Calculator. Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.

73

CRLF-one-liner. A simple Bash one liner with aim to automate CRLF vulnerability scanning.

69

Todesstern. A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities

67

contexter. Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3

27

kleiton0x00.github.io. SCSS

11

cpoise. A security testing tool designed to detect and analyze Cache Poisoned Denial of Service (CPDoS) and Cache Deception vulnerabilities in web applications and CDNs.

7

kleiton0x00.

2
16
Apply