13537 matches found
CVE-2023-53937 Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
PT-2025-52316
Name of the Vulnerable Software and Affected Versions Hubstaff version 1.6.14 Description The software contains a DLL search order hijacking issue. An attacker can replace a missing system32wow64log.dll with a malicious library. By using tools like Metasploit to create a custom DLL and placing it...
Windows10-Exploitation-Validation
Windows 10 Exploitation & Security Validation 🎯 Project Ob...
Exploit for Deserialization of Untrusted Data in Facebook React
Exploitest This repository serves as a cent...
HTTPS Fetch, Linux Command Shell, Find Port Inline
Fetch and execute an MIPSLE payload from an HTTPS server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/https/ppc/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...sh...
HTTP Fetch, Linux Command Shell, Find Port Inline
Fetch and execute an PPC payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/ppc/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show an...
📄 Microsoft Windows 11 Search Path Privilege Escalation
Microsoft Windows 11 suffers from an untrusted search path local privilege escalation vulnerability. Proof of concept Metasploit module included. ============================================================================================================================================= | Title :...
Periodic Directory Security Audit 1.0
This code enables persistence via the /etc/periodic directory similarly to recent metasploit modules that perform the same function. This is a variant written in PHP...
Linux Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell. Module Options msf use payload/linux/riscv32le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show options ...show and set options... msf...
Metasploit Wrap-Up 11/28/2025
This week, we have added 10 new modules to Metasploit Framework including an SMB to MSSQL relay module, a remote code execution module targeting Fortinet software, additional 32-bit and 64-bit RISC-V payloads, and more. The SMB to MSSQL NTLM relay module allows users to open MSSQL sessions and ru...
IGEL OS Dump File
Dump a file with escalated privileges for IGEL OS Workspace Edition sessions, by elevating rights with setupcmd SUID and outputting with date. Module Options msf use post/linux/gather/igeldumpfile msf postigeldumpfile show actions ...actions... msf postigeldumpfile set ACTION msf postigeldumpfile...
📄 Confluence 8.x Privilege Escalation
Metasploit module proof of concept exploit that demonstrates an authentication bypass vulnerability Confluence version 8.x. ============================================================================================================================================= | Title : Confluence 8.x...
metasploit-framework
This is the Metasploit Framework repository, a comprehensive collection of tools and resources for penetration testing and vulnerability assessment. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools, which can be used to test and exploit...
Metasploit Wrap-Up 11/14/2025
It has “SUS” in the name, what did you expect? This week’s release features the much-hyped CVE-2025-59287, a Critical-Severity Windows Server Update Service WSUS vulnerability that allows for SYSTEM level remote code execution. Documented among the multiple recent zero-days in Windows, the...
Metasploit Wrap-Up 10/31/2025
New module content 3 ReDoc API Docs UI Exposed Author: Hamza Sahin Type: Auxiliary Pull request: 20594 contributed by HamzaSahin61 Path: scanner/http/redocexposed Description: Adds a module to detect publicly exposed ReDoc API documentation pages using read-only HTTP GET requests searching for...
📄 Windows Persistent Task Scheduler
This Metasploit module establishes persistence by creating a scheduled task to run a payload. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Persistent Task Scheduler', 'Description' =...
Windows Persistent Task Scheduler
This Metasploit module establishes persistence by creating a scheduled task to run a payload...
Windows Persistent Startup Folder
This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems...
Exploit-Android
Exploit-Android اختراق هواتف الاندرويد عبر انشاء ملف MP4 ملغم ا...
Exploit for CVE-2020-1472
Domain-Controller-DC-Exploitation-with-Metasploit-Impacket End...