hackthebox
hackerone-reports
Our great sponsors
hackthebox | hackerone-reports | |
---|---|---|
- | 2 | |
325 | 3,195 | |
- | - | |
0.0 | 6.3 | |
over 1 year ago | 9 days ago | |
Python | Python | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
hackthebox
We haven't tracked posts mentioning hackthebox yet.
Tracking mentions began in Dec 2020.
hackerone-reports
- GitHub - reddelexc/hackerone-reports: Top disclosed reports from HackerOne
-
XXE (XML External Entity) Attack & Prevention
There was an interesting case on Hackerone where the XMP metadata of a JPG file was getting parsed unsafely. There are many other interesting XXE bugs there as well if you want to take a look.
What are some alternatives?
SecGen - Create randomly insecure VMs
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
pentest-everything - This is my penetration testing cheatsheet
Exif-Maniac - Post Exploitation Framework via Exif Data in images
seed-labs - SEED Labs developed in the last 20 years.
SpringShell - Spring4Shell - Spring Core RCE - CVE-2022-22965
netlab - Making virtual networking labs suck less
OWASP-Xenotix-XSS-Exploit-Framework - OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
starred - creating your own Awesome List by GitHub stars!
CVE-2021-40444 - CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
svachal - Automate writeup for vulnerable machines.
jira-mobile-ssrf-exploit - Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)