A cross-platform python based utility for information gathering and penetration testing automation!

WordPress WPS Hide Login <1.9.1 - Information Disclosure

This is a tool used by several security researchers to find Open Redirect Bug

CVE-2020-27838 - KeyCloak - Information Exposure

WordPress Contact Form 7 - Unrestricted File Upload

Apache Superset - Authentication Bypass

Windows Server 2003 & IIS 6.0 - Remote Code Execution

Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery

Plesk Obsidian <=18.0.49 - Open Redirect

Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal

Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

SpiderFlow Crawler Platform - Remote Code Execution

PaperCut NG Unauthenticated XMLRPC Functionality

Laravel Ignition contains a cross-site scripting vulnerability when debug mode is enabled.

Windows Advanced Package Tool

Likeshop < 2.5.7.20210311 - Arbitrary File Upload