Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: file-upload-vulnerability

galihap76/stego-php-payload

Steganografi untuk menyisipkan payload PHP dalam file gambar, digunakan untuk pengujian keamanan web di lingkungan terkontrol.

Language: PHP - Size: 4.88 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

Chessiie/polyglot-generator

Python tool to create polyglot files for magic byte bypass by merging with valid file formats (JPEG, PNG, PDF, DOCX, MP4, etc.)

Language: Python - Size: 6.84 KB - Last synced at: 3 months ago - Pushed at: 7 months ago - Stars: 1 - Forks: 0

feastea/BackupFinder

Discover backup files on web servers with BackupFinder. Generate intelligent patterns for effective penetration testing and security audits. 🛠️💻

Language: Go - Size: 1.36 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

Compcode1/ioc-22-web-shell-upload

This case demonstrates a classic but still deeply effective tactic: the use of an improperly validated file upload to implant a web shell. It wasn’t an exploit. It wasn’t a brute force attack. It was a misused feature — a vulnerable application logic path that let an attacker turn a web server into a foothold.

Language: Jupyter Notebook - Size: 24.4 KB - Last synced at: 2 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

WSP-LAB/FUSE

A penetration testing tool for finding file upload bugs (NDSS 2020)

Language: Python - Size: 1.23 MB - Last synced at: 4 months ago - Pushed at: over 4 years ago - Stars: 249 - Forks: 44

Ziad-Sakr/Chamilo-LMS-CVE-2023-4220-Exploit

This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location "/main/inc/lib/javascript/bigupload/inc/bigUpload.php" in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell.

Language: Shell - Size: 9.77 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

dollarboysushil/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220

Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.

Size: 116 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

galihap76/pentest-upload-file

Web Penetration Testing : File Upload Vulnerability Dengan Metasploit.

Language: PHP - Size: 5.86 KB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

tadokun468/Task5-File_upload_vulnerabilities

+ Phân tích lổ hổng PHP Upload file Vulnerable một cách chi tiết + Làm hết các challenge về upload file trong root me

Language: PHP - Size: 7.12 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

kljunowsky/XXElixir

This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.

Language: Python - Size: 44.9 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 53 - Forks: 5

BishoySedra/Cyberus-Summer-Training

All associated materials and tasks for the training

Language: Python - Size: 15.4 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

De-Technocrats/dvwaupsploit

Tool for exploiting file upload vulnerabilities in DVWA (Damn Vulnerable Web Application).

Language: Python - Size: 81.1 KB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

samphoerna/Whos-who

File Upload Vulnerability using Lighweight PHP

Language: PHP - Size: 8.79 KB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

WesleyWong420/Imageception

Flask Powered Vulnerable Image Generator

Language: Python - Size: 860 KB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

moeinfatehi/moeinfatehi

Award‑Winning Application Security Specialist, Blockchain Security Researcher

Size: 16.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

moeinfatehi/file_upload_vulnerability_scenarios

This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).

Language: PHP - Size: 503 KB - Last synced at: over 2 years ago - Pushed at: over 3 years ago - Stars: 19 - Forks: 3

Related Keywords
file-upload-vulnerability 16 file-upload 5 penetration-testing 5 exploitation 4 penetration-testing-tools 3 owasp 3 owasp-top-10 3 hacking 2 exploit 2 cve-2023-4220 2 command-injection 2 chamilo-lms 2 chamilo-exploit 2 web-shell 2 application-security 2 remote-file-inclusion 2 owasp-top-ten 2 python 2 cvssv3 2 pentest 2 security 2 flask 2 web-security 2 admin-page-finder 2 upload-vulnerability 1 cookies 1 cross-site-scripting 1 flash-messages 1 flask-limiter 1 sqlite3-python 1 sql-injection-attacks 1 session 1 server-side-template-injection 1 idor-attack 1 request 1 rendering 1 redirect 1 password-policies 1 chamilo 1 price-manipulation-attack 1 shellcode 1 remote-command-execution 1 php-shell 1 malicious-files 1 appsecurity 1 xss-vulnerability 1 web-application-security 1 security-tools 1 security-automation 1 local-file-inclusion 1 captcha-breaking 1 burpsuite-extender 1 burpsuite 1 backupfinder 1 admin-panel-finder 1 directory-traversal 1 php 1 cybersecurity 1 remote-code-execution 1 file-inclusion 1 dvwa 1 damn-vulnerable-web-application 1 content-filtering-check 1 php-exploitation 1 cybersecurity-ioc 1 application-triage-framework 1 yeswehack 1 wordlist-generator 1 webhacking 1 sensitive-data-exposure 1 open-source 1 data-leakage 1 burp-extensions 1 bugcrowd 1 backup-tool 1 backup 1 polyglot-files 1 polyglot 1 magic-bytes 1 steganography 1 pentesting 1 file-upload-bypass 1 brute-force-attacks 1 bcrypt-hashing-library 1 authentication-backend 1 xxe-injection 1 xxe-attack 1 xxe 1 web 1 penetration 1 hack 1 bugbounty 1 bug-bounty-tools 1 bug-bounty-hunters 1 writeups 1 writeup-ctf 1 writeup 1 php-file-upload 1 web-hacking 1 metasploit-framework 1