os-command-injection

There are 16 repositories under os-command-injection topic.

OSTEsayed/OSTE-Meta-Scan
The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.
Language:Python299 3 541
omurugur/OS_Command_Payload_List
OS Command Injection Vulnerability Payload List
51 1 021
OSTEsayed/OSTE-Vulnerable-Web-Application
Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.
Language:PHP15 1 011
DevanshRaghav75/PayloadsOfAllTheThings
A collection of payloads for different vulnerabilities, best payload lists in one repository
14 1 03
polarspetroll/EscapeAPI
An API for escaping different kind of queries
Language:Ruby14 3 02
moeinfatehi/lfi-to-rce-scenario
This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).
Language:PHP11 1 00
GitHub30/shell2http
Executing shell commands via HTTP server
Language:Python6 1 03
hotpotcookie/CVE-2022-44877-white-box
Red Team utilities for setting up CWP CentOS 7 payload & reverse shell (Red Team 9 - CW2023)
Language:Shell6 1 20
Sec0gh/Portswigger-Labs
Writeups for portswigger labs.
6 1 01
aress31/cve-2017-12945
Exploit for CVE-2017-12945.
Language:Python4 1 01
mrmtwoj/WAFManis
WAFManis is a Protocol-Level WAF Evasion Fuzzing Tool that automates the discovery of evasion vulnerabilities in Web Application Firewalls (WAFs) by fuzzing HTTP requests to identify potential bypass techniques.
Language:Python3 1 00
Stuub/CVE-2025-3969-Exploit
CVE-2025-3969: Exploit PoC (OS CMD injection, Web Shell, Interactive Shell)
Language:Python2 1 0
GitHub30/shell2udp
Executing shell commands via UDP server
Language:Python1 1 01
qeeqbox/os-command-injection
A threat actor may inject arbitrary operating system (OS) commands on target
1 1 0
utkuonursahin/injections
SQL Injection and OS Command Injection demo application.
Language:Java1 1 0
Am0stafa/os-command-injection-poc
An example of how custom commands are executed on a cloud server if an application is vulnerable to os command injection
Language:JavaScript1 0

os-command-injection

OSTEsayed/OSTE-Meta-Scan

omurugur/OS_Command_Payload_List

OSTEsayed/OSTE-Vulnerable-Web-Application

DevanshRaghav75/PayloadsOfAllTheThings

polarspetroll/EscapeAPI

moeinfatehi/lfi-to-rce-scenario

GitHub30/shell2http

hotpotcookie/CVE-2022-44877-white-box

Sec0gh/Portswigger-Labs

aress31/cve-2017-12945

mrmtwoj/WAFManis

Stuub/CVE-2025-3969-Exploit

GitHub30/shell2udp

qeeqbox/os-command-injection

utkuonursahin/injections

Am0stafa/os-command-injection-poc