py

github.com
Screetsec/Microsploit
Microsploit - Fast and easy create backdoor office exploitation using module metasploit packet , Microsoft Office , Open Office , Macro attack , Buffer Overflow

a Simple tool and not very special but this tool fast and easy create backdoor office exploitation using module metasploit packet. Like Microsoft Office in windows or mac , Open Office in linux , Macro attack , Buffer Overflow in word . Work in kali rolling , Parrot , Backbox .

Originally posted by aircraft24

github.com
ewilded/psychoPATH
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write fil...

This tool is a customizable payload generator, initially designed to automate blind detection of web file upload implementations allowing to write files into the webroot (aka document root). The “blind” aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source code or the filesystem.

Shortly after implementation it turned out the tool can also be very handy in hunting Local File Inclusion aka arbitrary file reading issues involving path traversal.

This tool helps to discover several kinds of vulnerabilities not detected by most scanners/payload sets:

  • file upload vulnerable to path traversal with the upload directory located inside the document root
  • file upload vulnerable to path traversal with the upload directory outside the document root
  • file upload not vulnerable to path traversal, but having the upload directory is inside of the document root, with no direct links to the uploaded file exposed by the application
  • local file inclusion/arbitrary file read vulnerable to path traversal with non-recurrent filters involved

Originally posted by creepydrugconsumer