authentication-bypass

There are 28 repositories under authentication-bypass topic.

  • Mr-xn/Penetration_Testing_POC

    渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

    Language:HTML7.1k26082k

  • AnonKryptiQuz/NextSploit

    NextSploit is a command-line tool designed to detect and exploit CVE-2025-29927, a security flaw in Next.js

    Language:Python781320

  • namreeb/wowned

    Authentication bypass for outdated WoW emulation authentication servers

    Language:C++43101534

  • kljunowsky/CVE-2022-40684-POC

    Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

    Language:Python15102
  • ssh-door

    flashnuke/ssh-door

    A stealth SSH backdoor leveraging PAM shared object (.so) injection to bypass authentication and gain SSH access.

    Language:Shell14116

  • verylazytech/CVE-2024-4358

    Authentication Bypass Vulnerability — CVE-2024–4358 — Telerik Report Server 2024

    Language:Python12115

  • f4T1H21/HackKaradeniz22-Web-CyberCafe

    Hack Karadeniz 2022 CyberCafe sorusu için yazdığım writeup

    Language:Python11200

  • haaris272k/SQL-injection-lab

    This repository contains a basic custom lab environment designed to demonstrate and explore SQL injection vulnerabilities. The lab provides a hands-on learning experience to understand the risks associated with insecure coding practices and the impact of SQL injection attacks on web applications.

    Language:Python11134

  • K3ysTr0K3R/CVE-2023-51467-EXPLOIT

    A PoC exploit for CVE-2023-51467 - Apache OFBiz Authentication Bypass

    Language:Python11111

  • Retr0-code/auth-traversal

    The Vulnerability of GoAhead Service on VStarcam C34S-X4 that allows you to download system.ini configuration file and get login and password.

    Language:Python10102

  • m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application

    WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!

    Language:Dockerfile8100

  • K3ysTr0K3R/CVE-2024-27198-EXPLOIT

    A PoC exploit for CVE-2024-27198 - JetBrains TeamCity Authentication Bypass

    Language:Python6101

  • geniuszly/GenBruter

    It is a simple password brute force tool designed for ethical hacking and security testing. Automates the process of selecting passwords for a given user on a website by sending POST requests with different passwords and analyzing the response.

    Language:Python510

  • geniuszly/GenDecryptAuthme

    A Python tool for decrypting passwords hashed with the AuthMe SHA256 algorithm. Ideal for penetration testing and security audits on Minecraft servers using the AuthMe authentication plugin.

    Language:Python510

  • Shivshantp/CVE-2025-2825-CrushFTP-AuthBypass

    Authentication Bypass PoC for CVE-2025-2825 – Exploiting CrushFTP 10.x

    Language:Python5000

  • nikhilpatidar01/Web-Application-Penetration-Testing

    🛡️ Web Penetration Testing is the process of testing websites or web apps for security flaws. 🔍 It helps find vulnerabilities like SQL injection, XSS, and authentication bypass. 🚨 Used to protect data, improve security, and prevent hacking attacks.

    42

  • renatoalencar/dlink-dir610-exploits

    Exploits for CVE-2020-9376 and CVE-2020-9377

    Language:Python4101

  • 516hackers/516-captive-portal-lab

    Intentionally vulnerable captive portal lab for wireless security training. Demonstrates session hijacking, authentication bypass, and network security vulnerabilities. Docker containerized for safe, isolated learning environments. FOR EDUCATIONAL USE ONLY.

    Language:Python3

  • contisimone99/Penetration-Testing-on-Open5Gs

    This repository demonstrates a privilege escalation attack targeting Open5GS's WebUI, exploiting unauthenticated database connections and forged session cookies/JWT tokens. The analysis reveals critical vulnerabilities in authentication mechanisms, offering insights for securing 5G network components.

    Language:Python3

  • Shivshantp/CVE-2025-5777-TrendMicro-ApexCentral-RCE

    PoC for CVE-2025-5777 – Auth Bypass and RCE in Trend Micro Apex Central

    Language:Python3010

  • Cappricio-Securities/CVE-2023-27524

    Apache Superset - Authentication Bypass

    Language:Python2000

  • sum-catnip/foundry-rnghax

    foundryvtt admin authentication bypass POC exploit

    Language:Python2201

  • ThatNotEasy/CVE-2023-27350

    Perfom With Massive Authentication Bypass In PaperCut MF/NG

    Language:Python2103

  • void-eth/VoidGPT

    Reverse engineered ChatGPT client for authentication-free access

    Language:CSS2

  • 516hackers/516-hackers-vuln-playground

    Intentionally vulnerable web application for security training. Modular design with SQLi, XSS, auth bypass, and file upload vulnerabilities. Docker containerized for safe, isolated learning environments. FOR EDUCATIONAL USE ONLY.

    Language:JavaScript1

  • xthalach/CVE-2024-11318

    This repository details an IDOR vulnerability in AbsysNet 2.3.1, which allows a remote attacker to brute-force session IDs via the /cgi-bin/ocap/ endpoint. Successful exploitation can compromise active user sessions, exposing authentication tokens in HTML. The attack is limited to active sessions and is terminated if the user logs out.

    Language:Python1100

  • iftekmahmud/Login-Breaker-Pro

    Automate login attempts with the Login-Breaker-Pro script. Securely test user credentials for your web application or platform.

    Language:Python00

  • visions85/arr-no-auth-patches

    Docker patches to disable authentication popup modals for Sonarr and Radarr while using external authentication (Authentik, Authelia, etc.)

    Language:Dockerfile00