Skip to content
/ Unrestricted-File-Upload Public

Repo to help security enthusiasts while testing against unrestricted file upload

License

GPL-3.0 license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Att4ck3rS3cur1ty/Unrestricted-File-Upload

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
webshell
webshell
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

OWASP Unrestricted File Upload

Repo to help security enthusiasts while testing against unrestricted file upload & test upload of malicious files based on the OWASP documentation.

Webshell

This module aims to reproduce a webshell creation attempt by an attacker. It has the following levels of filter evasion:

Level Description
1 Change the capitalisation of the extension
2 Change the extensions to a less common extension + Using special trailing characters such as spaces, dots or null characters
3 Level 2 + Additional extension, in case the server cares only about the last extension
4 The opposity logic of the 3rd level. It's used when the server cares only about the first extension in the file name.

About

Repo to help security enthusiasts while testing against unrestricted file upload

Resources

Readme

License

GPL-3.0 license
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages