A penetration testing tool for finding file upload bugs (NDSS 2020)
-
Updated
Mar 30, 2021 - Python
#
file-upload-vulnerability
Here are 14 public repositories matching this topic...
This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
security web hack exploit file-upload owasp penetration-testing penetration bugbounty xxe xxe-injection penetration-testing-tools bug-bounty-hunters file-upload-vulnerability bug-bounty-tools xxe-attack
-
Updated
Dec 29, 2023 - Python
This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).
security file-upload hacking owasp penetration-testing application-security shellcode exploitation owasp-top-10 owasp-top-ten php-shell malicious-files file-upload-vulnerability remote-command-execution appsecurity upload-vulnerability
-
Updated
Mar 12, 2023 - PHP
Generate some payload to bypass restriction when you perform a file upload
python web file-upload hacking penetration-testing ctf web-penetration-testing pentesting-tools file-upload-vulnerability
-
Updated
Mar 19, 2023 - Python
Award‑Winning Application Security Specialist, Blockchain Security Researcher
owasp xss-vulnerability application-security captcha-breaking burpsuite security-automation security-tools owasp-top-10 web-application-security admin-page-finder cvssv3 admin-panel-finder remote-file-inclusion burpsuite-extender local-file-inclusion penetration-testing-tools file-upload-vulnerability backupfinder
-
Updated
Mar 27, 2024
Tool for exploiting file upload vulnerabilities in DVWA (Damn Vulnerable Web Application).
python file-upload pentest exploitation dvwa command-injection remote-code-execution file-inclusion file-upload-vulnerability damn-vulnerable-web-application
-
Updated
Aug 5, 2023 - Python
Web Penetration Testing : File Upload Vulnerability Dengan Metasploit.
hacking penetration-testing web-security exploitation metasploit-framework web-hacking file-upload-vulnerability
-
Updated
Apr 27, 2024 - PHP
Flask Powered Vulnerable Image Generator
-
Updated
May 1, 2023 - Python
-
Updated
Aug 19, 2021
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
-
Updated
Jul 7, 2024
Python tool to create polyglot files for magic byte bypass by merging with valid file formats (JPEG, PNG, PDF, DOCX, MP4, etc.)
-
Updated
Apr 18, 2025 - Python
File Upload Vulnerability using Lighweight PHP
-
Updated
Jul 20, 2023 - PHP
All associated materials and tasks for the training
python flask rendering cookies flash-messages session request brute-force-attacks redirect authentication-backend password-policies bcrypt-hashing-library cross-site-scripting sql-injection-attacks sqlite3-python server-side-template-injection flask-limiter file-upload-vulnerability price-manipulation-attack idor-attack
-
Updated
Aug 31, 2023 - Python
This case demonstrates a classic but still deeply effective tactic: the use of an improperly validated file upload to implant a web shell. It wasn’t an exploit. It wasn’t a brute force attack. It was a misused feature — a vulnerable application logic path that let an attacker turn a web server into a foothold.
-
Updated
May 23, 2025 - Jupyter Notebook
Improve this page
Add a description, image, and links to the file-upload-vulnerability topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the file-upload-vulnerability topic, visit your repo's landing page and select "manage topics."