13537 matches found
Microsoft Windows Active Setup Persistence Module
This Metasploit module leverages the Windows Active Setup mechanism to establish persistence while integrating multiple evasion and stealth techniques designed to reduce forensic visibility and bypass detection mechanisms...
Microsoft Windows Service Installation Persistence
This Metasploit module creates a persistent Windows service using multiple methods. It supports PowerShell, SC.exe, and WMI methods for service creation...
Exploit for Code Injection in Rejetto Http_File_Server
Optimum --- Optimum β Hack The Box Writeup Overview I...
Metasploit-Project
MSF Cloud β Security Exploitation & Education Platform SSEP...
π Router Fingerprint / Command Injection Scanner
This Metasploit module targets multiple IoT routers by automatically fingerprinting the device vendor and attempting to exploit command injection vulnerabilities. The module sends an HTTP request to identify the router manufacturer by analyzing response headers and page content. Once the vendor i...
metasploit-mcp
metasploit-mcp Metasploit Framework MCP server for exploit ex...
Exploit for Code Injection in Canto
Metersploit exploit module canto RCE CVE-2024-25096 This is a...
π WordPress SliderβFuture 1.0.5 Arbitrary File Upload
This is a Metasploit module that demonstrates an unauthenticated file upload vulnerability in WordPress SliderβFuture plugin version 1.0.5. ============================================================================================================================================= | Title :...
π OpenBabel 3.1.1 Parsing Issues
This Metasploit auxiliary module generates specially crafted proof of concept files targeting potential parsing vulnerabilities in OpenBabel version 3.1.1 such as NULL pointer dereference and out-of-bounds read conditions...
π Open Babel 3.1.1 CIF File Memory Corruption
This Metasploit auxiliary module generates a crafted .cif file designed to test for memory corruption conditions in Open Babel version 3.1.1. By providing an excessive number of symmetry operations, it triggers a crash DoS during file parsing. The exact outcome depends on the target's build,...
π SPIP Saisies 5.11.0 Remote Code Execution
This Metasploit module exploits a PHP code injection vulnerability in the Saisies plugin for SPIP. The vulnerability allows an attacker to inject and execute arbitrary PHP code through the vulnerable parameter anciennesvaleurs. Versions 5.4.0 through 5.11.0 are affected...
SME-App-exe-
!PyQ...
Regular Expression Denial of Service (ReDoS) Detector
This Metasploit auxiliary module implements a scientific approach to detecting and validating ReDoS vulnerabilities in HTTP-based applications. It leverages context-aware payload generation, length progression testing, and statistical analysis to identify inefficient regular expressions that may...
System-Exploitation-Privilege-Escalation
System Exploitation & Privilege Escalation Lab π Project O...
cyart-vapt-week-2
cyart-vapt-team This repository contains the Week 2 VAPT lab w...
π Xerte Online Toolkits 3.14 Upload Image Shell Upload
This Metasploit module exploits the user template file import functions unrestricted file upload in Xerte Online Toolkits versions 3.14 and earlier to upload and execute a shell. This targets editor/uploadImage.php. This has only been tested in implementations where the authentication type is Db...
Exploit for CVE-2017-0143
Cybersecurity Penetration Testing Project Project Overview...
Windows Registry Run Persistence
This Metasploit module is a Windows persistence module designed to maintain access to a compromised system after a successful exploitation and an active Meterpreter session has been obtained...
FreePBX endpoint SQLi to RCE
FreePBX is an open-source IP PBX management tool that provides a modern phone system for businesses that use VoIP to make and receive phone calls. Versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0.6 are vulnerable to CVE-2025-61675. The...
osTicket 1.18.3 Intelligence and Security Analysis Module
This Metasploit auxiliary module is designed for intelligence gathering, security analysis, and vulnerability discovery in osTicket installations. It performs passive and active reconnaissance without direct exploitation and stores results in the Metasploit database for reporting...